/**
 *
 */
import Util;
import OpenApi;
import OpenApiUtil;
import EndpointUtil;

extends OpenApi;


init(config: OpenApi.Config){
  super(config);
  @endpointRule = 'central';
  @endpointMap = {
    'ap-southeast-1' = 'cloudfw.ap-southeast-1.aliyuncs.com',
    'cn-hangzhou' = 'cloudfw.cn-hangzhou.aliyuncs.com',
  };

  checkConfig(config);
  @endpoint = getEndpoint('cloudfw', @regionId, @endpointRule, @network, @suffix, @endpointMap, @endpoint);
}

function getEndpoint(productId: string, regionId: string, endpointRule: string, network: string, suffix: string, endpointMap: map[string]string, endpoint: string) throws: string{
  if (!Util.empty(endpoint)) {
    return endpoint;
  }
  
  if (!Util.isUnset(endpointMap) && !Util.empty(endpointMap[regionId])) {
    return endpointMap[regionId];
  }
  return EndpointUtil.getEndpointRules(productId, regionId, endpointRule, network, suffix);
}

model AddAddressBookRequest {
  addressList?: string(name='AddressList', description='The addresses that you want to add to the address book. Separate multiple addresses with commas (,).

>  If you set GroupType to `ip`, `port` or `domain`, you must specify AddressList.

*   If you set GroupType to `ip`, you must add IP addresses to the address book. Example: 192.0.XX.XX/32,192.0.XX.XX/24.
*   If you set GroupType to `port`, you must add port numbers or port ranges to the address book. Example: 80,100/200.
*   If you set GroupType to `domain`, you must add domain names to the address book. Example: example.com,aliyundoc.com.', example='192.0.XX.XX/32, 192.0.XX.XX/24'),
  autoAddTagEcs?: string(name='AutoAddTagEcs', description='Specifies whether to automatically add public IP addresses of ECS instances to the address book if the instances match the specified tags. Valid values:

*   **1**: yes
*   **0** (default): no', example='1'),
  description?: string(name='Description', description='The description of the address book.

This parameter is required.', example='sz-001'),
  groupName?: string(name='GroupName', description='The name of the address book.

This parameter is required.', example='sz-001'),
  groupType?: string(name='GroupType', description='The type of the address book. Valid values:

*   **ip**: IP address book
*   **domain**: domain address book
*   **port**: port address book
*   **tag**: ECS tag-based address book

This parameter is required.', example='ip'),
  lang?: string(name='Lang', description='The language of the content within the response. Valid values:

*   **zh** (default): Chinese
*   **en**: English', example='zh'),
  sourceIp?: string(name='SourceIp', description='The source IP address of the request.', example='192.0.XX.XX', deprecated=true),
  tagList?: [ 
    {
      tagKey?: string(name='TagKey', description='The key of the ECS tag.', example='TXY'),
      tagValue?: string(name='TagValue', description='The value of the ECS tag.', example='1'),
    }
  ](name='TagList', description='The ECS tags that you want to match.'),
  tagRelation?: string(name='TagRelation', description='The logical relation among the ECS tags that you want to match. Valid values:

*   **and** (default): Only the public IP addresses of ECS instances that match all the specified tags can be added to the address book.
*   **or**: The public IP addresses of ECS instances that match one of the specified tags can be added to the address book.', example='and'),
}

model AddAddressBookResponseBody = {
  groupUuid?: string(name='GroupUuid', description='The UUID of the returned address book.', example='f04ac7ce-628b-4cb7-be61-310222b7****'),
  requestId?: string(name='RequestId', description='The request ID.', example='CBF1E9B7-D6A0-4E9E-AD3E-2B47E6C2****'),
}

model AddAddressBookResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: AddAddressBookResponseBody(name='body'),
}

/**
 * @summary Creates an address book for access control. Supported address book types are IP address books, Elastic Compute Service (ECS) tag-based address books, port address books, and domain address books. An ECS tag-based address book includes the public IP addresses of the ECS instances that have specific tags.
 *
 * @description You can call the AddAddressBook operation to create an address book for access control. The address book can be an IP address book, an ECS tag-based address book, a port address book, or a domain address book.
 * ## [](#qps)Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request AddAddressBookRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return AddAddressBookResponse
 */
async function addAddressBookWithOptions(request: AddAddressBookRequest, runtime: Util.RuntimeOptions): AddAddressBookResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.addressList)) {
    query['AddressList'] = request.addressList;
  }
  if (!Util.isUnset(request.autoAddTagEcs)) {
    query['AutoAddTagEcs'] = request.autoAddTagEcs;
  }
  if (!Util.isUnset(request.description)) {
    query['Description'] = request.description;
  }
  if (!Util.isUnset(request.groupName)) {
    query['GroupName'] = request.groupName;
  }
  if (!Util.isUnset(request.groupType)) {
    query['GroupType'] = request.groupType;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.sourceIp)) {
    query['SourceIp'] = request.sourceIp;
  }
  if (!Util.isUnset(request.tagList)) {
    query['TagList'] = request.tagList;
  }
  if (!Util.isUnset(request.tagRelation)) {
    query['TagRelation'] = request.tagRelation;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'AddAddressBook',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Creates an address book for access control. Supported address book types are IP address books, Elastic Compute Service (ECS) tag-based address books, port address books, and domain address books. An ECS tag-based address book includes the public IP addresses of the ECS instances that have specific tags.
 *
 * @description You can call the AddAddressBook operation to create an address book for access control. The address book can be an IP address book, an ECS tag-based address book, a port address book, or a domain address book.
 * ## [](#qps)Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request AddAddressBookRequest
 * @return AddAddressBookResponse
 */
async function addAddressBook(request: AddAddressBookRequest): AddAddressBookResponse {
  var runtime = new Util.RuntimeOptions{};
  return addAddressBookWithOptions(request, runtime);
}

model AddControlPolicyRequest {
  aclAction?: string(name='AclAction', description='The action that Cloud Firewall performs on the traffic. Valid values:

*   **accept**: allows the traffic.
*   **drop**: denies the traffic.
*   **log**: monitors the traffic.

This parameter is required.', example='accept'),
  applicationName?: string(name='ApplicationName', description='The application type supported by the access control policy. Valid values:

*   **FTP**
*   **HTTP**
*   **HTTPS**
*   **Memcache**
*   **MongoDB**
*   **MQTT**
*   **MySQL**
*   **RDP**
*   **Redis**
*   **SMTP**
*   **SMTPS**
*   **SSH**
*   **SSL_No_Cert**
*   **SSL**
*   **VNC**
*   **ANY**

> The value of this parameter is based on the value of Proto. If Proto is set to TCP, you can set ApplicationName to any valid value. If Proto is set to UDP, ICMP, or ANY, you can set ApplicationName only to ANY. You must specify at least one of the ApplicationNameList and ApplicationName parameters.', example='ANY', deprecated=true),
  applicationNameList?: [ string ](name='ApplicationNameList', description='The application types supported by the access control policy.'),
  description?: string(name='Description', description='The description of the access control policy.

This parameter is required.', example='Allows traffic'),
  destPort?: string(name='DestPort', description='The destination port in the access control policy. Valid values:

*   If Proto is set to ICMP, DestPort is automatically left empty.

> If Proto is set to ICMP, access control does not take effect on the destination port.

*   If Proto is set to TCP, UDP, or ANY and DestPortType is set to group, DestPort is empty.

> If DestPortType is set to group, you do not need to specify the destination port number. All ports on which the access control policy takes effect are included in the destination port address book.

*   If Proto is set to TCP, UDP, or ANY and DestPortType is set to port, the value of DestPort is the destination port number.', example='80'),
  destPortGroup?: string(name='DestPortGroup', description='The name of the destination port address book in the access control policy.

> If DestPortType is set to group, you must specify the name of the destination port address book.', example='my_port_group'),
  destPortType?: string(name='DestPortType', description='The type of the destination port in the access control policy.

Valid values:

*   **port**: port
*   **group**: port address book', example='port'),
  destination?: string(name='Destination', description='The destination address in the access control policy.

Valid values:

*   If DestinationType is set to net, the value of this parameter is a CIDR block.

    Example: 1.2.XX.XX/24

*   If DestinationType is set to group, the value of this parameter is an address book name.

    Example: db_group

*   If DestinationType is set to domain, the value of this parameter is a domain name.

    Example: \\\\*.aliyuncs.com

*   If DestinationType is set to location, the value of this parameter is a location.

    Example: ["BJ11", "ZB"]

This parameter is required.', example='192.0.XX.XX/24'),
  destinationType?: string(name='DestinationType', description='The type of the destination address in the access control policy. Valid values:

*   **net**: CIDR block
*   **group**: address book
*   **domain**: domain name
*   **location**: location

This parameter is required.', example='net'),
  direction?: string(name='Direction', description='The direction of the traffic to which the access control policy applies. Valid values:

*   **in**: inbound traffic
*   **out**: outbound traffic

This parameter is required.', example='in'),
  domainResolveType?: string(name='DomainResolveType', description='The domain name resolution method of the access control policy. Valid values:

* **FQDN**: fully qualified domain name (FQDN)-based resolution
* **DNS**: DNS-based dynamic resolution
* **FQDN_AND_DNS**: FQDN and DNS-based dynamic resolution', example='FQDN'),
  endTime?: long(name='EndTime', description='The time when the access control policy stops taking effect. The value is a UNIX timestamp. Unit: seconds. The value must be on the hour or on the half hour, and at least 30 minutes later than the start time.

>  If you set RepeatType to Permanent, leave this parameter empty. If you set RepeatType to None, Daily, Weekly, or Monthly, you must specify this parameter.', example='1694764800'),
  ipVersion?: string(name='IpVersion', description='The IP version supported by the access control policy.

Valid values:

*   **4**: IPv4
*   **6**: IPv6', example='6'),
  lang?: string(name='Lang', description='The language of the content within the request and response. Valid values:

*   **zh**: Chinese (default)
*   **en**: English', example='zh'),
  newOrder?: string(name='NewOrder', description='The priority of the access control policy. The priority value starts from 1. A smaller priority value indicates a higher priority.

This parameter is required.', example='1'),
  proto?: string(name='Proto', description='The protocol type supported by the access control policy. Valid values:

*   **ANY**
*   **TCP**
*   **UDP**
*   **ICMP**

This parameter is required.', example='ANY'),
  release?: string(name='Release', description='Specifies whether to enable the access control policy. By default, an access control policy is enabled after the policy is created. Valid values:

*   **true**: enables the access control policy.
*   **false**: disables the access control policy.', example='true'),
  repeatDays?: [ long ](name='RepeatDays', description='The days of a week or of a month on which the access control policy takes effect.

*   If you set RepeatType to `Permanent`, `None`, or `Daily`, leave this parameter empty. Example: [].
*   If you set RepeatType to Weekly, you must specify this parameter. Example: [0, 6].

>  If you set RepeatType to Weekly, the fields in the value of this parameter cannot be repeated.

*   If you set RepeatType to `Monthly`, you must specify this parameter. Example: [1, 31].

>  If you set RepeatType to Monthly, the fields in the value of this parameter cannot be repeated.'),
  repeatEndTime?: string(name='RepeatEndTime', description='The point in time when the recurrence ends. Example: 23:30. The end time must be on the hour or on the half hour, and at least 30 minutes later than the start time.

>  If you set RepeatType to Permanent or None, leave this parameter empty. If you set RepeatType to Daily, Weekly, or Monthly, you must specify this parameter.', example='23:30'),
  repeatStartTime?: string(name='RepeatStartTime', description='The point in time when the recurrence starts. Example: 08:00. The start time must be on the hour or on the half hour, and at least 30 minutes earlier than the end time.

>  If you set RepeatType to Permanent or None, leave this parameter empty. If you set RepeatType to Daily, Weekly, or Monthly, you must specify this parameter.', example='08:00'),
  repeatType?: string(name='RepeatType', description='The recurrence type for the access control policy to take effect. Valid values:

*   **Permanent** (default): The policy always takes effect.
*   **None**: The policy takes effect for only once.
*   **Daily**: The policy takes effect on a daily basis.
*   **Weekly**: The policy takes effect on a weekly basis.
*   **Monthly**: The policy takes effect on a monthly basis.', example='Permanent'),
  source?: string(name='Source', description='The source address in the access control policy. Valid values:

*   If SourceType is set to net, the value of this parameter is a CIDR block.

    Example: 1.1.XX.XX/24

*   If SourceType is set to group, the value of this parameter is an address book name.

    Example: db_group

*   If SourceType is set to location, the value of this parameter is a location.

    Example: ["BJ11", "ZB"]

This parameter is required.', example='192.0.XX.XX/24'),
  sourceIp?: string(name='SourceIp', description='The source IP address of the request.', example='192.0.XX.XX', deprecated=true),
  sourceType?: string(name='SourceType', description='The type of the source address in the access control policy. Valid values:

*   **net**: CIDR block
*   **group**: address book
*   **location**: location

This parameter is required.', example='net'),
  startTime?: long(name='StartTime', description='The time when the access control policy starts to take effect. The value is a UNIX timestamp. Unit: seconds. The value must be on the hour or on the half hour, and at least 30 minutes earlier than the end time.

>  If you set RepeatType to Permanent, leave this parameter empty. If you set RepeatType to None, Daily, Weekly, or Monthly, you must specify this parameter.', example='1694761200'),
}

model AddControlPolicyResponseBody = {
  aclUuid?: string(name='AclUuid', description='The ID of the access control policy that is created on the Internet firewall.', example='00281255-d220-4db1-8f4f-c4df221ad84c'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='CBF1E9B7-D6A0-4E9E-AD3E-2B47E6C2837D'),
}

model AddControlPolicyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: AddControlPolicyResponseBody(name='body'),
}

/**
 * @summary Creates an access control policy.
 *
 * @description You can call the AddControlPolicy operation to create an access control policy to allow, block, or monitor traffic that reaches Cloud Firewall.
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request AddControlPolicyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return AddControlPolicyResponse
 */
async function addControlPolicyWithOptions(request: AddControlPolicyRequest, runtime: Util.RuntimeOptions): AddControlPolicyResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.aclAction)) {
    query['AclAction'] = request.aclAction;
  }
  if (!Util.isUnset(request.applicationName)) {
    query['ApplicationName'] = request.applicationName;
  }
  if (!Util.isUnset(request.applicationNameList)) {
    query['ApplicationNameList'] = request.applicationNameList;
  }
  if (!Util.isUnset(request.description)) {
    query['Description'] = request.description;
  }
  if (!Util.isUnset(request.destPort)) {
    query['DestPort'] = request.destPort;
  }
  if (!Util.isUnset(request.destPortGroup)) {
    query['DestPortGroup'] = request.destPortGroup;
  }
  if (!Util.isUnset(request.destPortType)) {
    query['DestPortType'] = request.destPortType;
  }
  if (!Util.isUnset(request.destination)) {
    query['Destination'] = request.destination;
  }
  if (!Util.isUnset(request.destinationType)) {
    query['DestinationType'] = request.destinationType;
  }
  if (!Util.isUnset(request.direction)) {
    query['Direction'] = request.direction;
  }
  if (!Util.isUnset(request.domainResolveType)) {
    query['DomainResolveType'] = request.domainResolveType;
  }
  if (!Util.isUnset(request.endTime)) {
    query['EndTime'] = request.endTime;
  }
  if (!Util.isUnset(request.ipVersion)) {
    query['IpVersion'] = request.ipVersion;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.newOrder)) {
    query['NewOrder'] = request.newOrder;
  }
  if (!Util.isUnset(request.proto)) {
    query['Proto'] = request.proto;
  }
  if (!Util.isUnset(request.release)) {
    query['Release'] = request.release;
  }
  if (!Util.isUnset(request.repeatDays)) {
    query['RepeatDays'] = request.repeatDays;
  }
  if (!Util.isUnset(request.repeatEndTime)) {
    query['RepeatEndTime'] = request.repeatEndTime;
  }
  if (!Util.isUnset(request.repeatStartTime)) {
    query['RepeatStartTime'] = request.repeatStartTime;
  }
  if (!Util.isUnset(request.repeatType)) {
    query['RepeatType'] = request.repeatType;
  }
  if (!Util.isUnset(request.source)) {
    query['Source'] = request.source;
  }
  if (!Util.isUnset(request.sourceIp)) {
    query['SourceIp'] = request.sourceIp;
  }
  if (!Util.isUnset(request.sourceType)) {
    query['SourceType'] = request.sourceType;
  }
  if (!Util.isUnset(request.startTime)) {
    query['StartTime'] = request.startTime;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'AddControlPolicy',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Creates an access control policy.
 *
 * @description You can call the AddControlPolicy operation to create an access control policy to allow, block, or monitor traffic that reaches Cloud Firewall.
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request AddControlPolicyRequest
 * @return AddControlPolicyResponse
 */
async function addControlPolicy(request: AddControlPolicyRequest): AddControlPolicyResponse {
  var runtime = new Util.RuntimeOptions{};
  return addControlPolicyWithOptions(request, runtime);
}

model AddInstanceMembersRequest {
  members?: [ 
    {
      memberDesc?: string(name='MemberDesc', description='The remarks of the member. The value must be 1 to 256 characters in length.', example='renewal'),
      memberUid?: long(name='MemberUid', description='The UID of the member. You can add up to 20 members to Cloud Firewall at a time.

This parameter is required.', example='258039427902****'),
    }
  ](name='Members', description='The members.

This parameter is required.'),
}

model AddInstanceMembersResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='B40A54DF-C142-44F7-8441-B31C1EADB36E'),
}

model AddInstanceMembersResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: AddInstanceMembersResponseBody(name='body'),
}

/**
 * @summary Adds members to Cloud Firewall.
 *
 * @description You can call this operation to add members to Cloud Firewall.
 * ## [](#qps-)Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request AddInstanceMembersRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return AddInstanceMembersResponse
 */
async function addInstanceMembersWithOptions(request: AddInstanceMembersRequest, runtime: Util.RuntimeOptions): AddInstanceMembersResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.members)) {
    query['Members'] = request.members;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'AddInstanceMembers',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Adds members to Cloud Firewall.
 *
 * @description You can call this operation to add members to Cloud Firewall.
 * ## [](#qps-)Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request AddInstanceMembersRequest
 * @return AddInstanceMembersResponse
 */
async function addInstanceMembers(request: AddInstanceMembersRequest): AddInstanceMembersResponse {
  var runtime = new Util.RuntimeOptions{};
  return addInstanceMembersWithOptions(request, runtime);
}

model BatchCopyVpcFirewallControlPolicyRequest {
  lang?: string(name='Lang', description='The language of the content within the request and response. Valid values:

*   **zh**: Chinese (default)
*   **en**: English', example='zh'),
  sourceIp?: string(name='SourceIp', description='The source IP address of the request.', example='192.0.XX.XX', deprecated=true),
  sourceVpcFirewallId?: string(name='SourceVpcFirewallId', description='The ID of the policy group of the source VPC firewall. Valid values:

*   If the VPC firewall protects mutual access traffic between a VPC and a specified network instance that is attached to a Cloud Enterprise Network (CEN) instance, the value of this parameter is the ID of the CEN instance. The network instance can be a VPC, a virtual border router (VBR), or a Cloud Connect Network (CCN) instance.
*   If the VPC firewall protects traffic between two VPCs that are connected by using an Express Connect circuit, the value of this parameter is the instance ID of the VPC firewall.

>  You can call the [DescribeVpcFirewallAclGroupList](https://help.aliyun.com/document_detail/159760.html) operation to query the IDs of policy groups.

This parameter is required.', example='vfw-a42bbb7b887148c9****'),
  targetVpcFirewallId?: string(name='TargetVpcFirewallId', description='The ID of the policy group of the destination VPC firewall. Valid values:

*   If the VPC firewall protects mutual access traffic between a VPC and a specified network instance that is attached to a CEN instance, the value of this parameter is the ID of the CEN instance. The network instance can be a VPC, a VBR, or a CCN instance.
*   If the VPC firewall protects traffic between two VPCs that are connected by using an Express Connect circuit, the value of this parameter is the instance ID of the VPC firewall.

>  You can call the [DescribeVpcFirewallAclGroupList](https://help.aliyun.com/document_detail/159760.html) operation to query the IDs of policy groups.

This parameter is required.', example='vfw-e37d3a04cf79446a****'),
}

model BatchCopyVpcFirewallControlPolicyResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='850A84D6-0DE4-4797-A1E8-00090125k6j3'),
}

model BatchCopyVpcFirewallControlPolicyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: BatchCopyVpcFirewallControlPolicyResponseBody(name='body'),
}

/**
 * @summary Copies all access control policies from a policy group of a source virtual private cloud (VPC) firewall to a policy group of a destination VPC firewall.
 *
 * @description You can call the BatchCopyVpcFirewallControlPolicy operation to copy all access control policies from a policy group of a source VPC firewall to a policy group of a destination VPC firewall.  
 * Before you call this operation, we recommend that you back up access control policies. For more information about how to back up an access control policy, see [Back up an access control policy](https://www.alibabacloud.com/help/en/cloud-firewall/latest/back-up-and-roll-back-an-access-control-policy).  
 * After you call this operation, all the access control policies in the policy group of the destination VPC firewall are replaced.  
 * The policy groups of the source VPC firewall and the destination VPC firewall must belong to the same Alibaba Cloud account.  
 * ## Limits
 * You can call this operation up to 10 times per second per account. When the number of calls to this operation per second exceeds the limit, throttling is triggered. Throttling may affect your business. We recommend that you take note of the limit on this operation.
 *
 * @param request BatchCopyVpcFirewallControlPolicyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return BatchCopyVpcFirewallControlPolicyResponse
 */
async function batchCopyVpcFirewallControlPolicyWithOptions(request: BatchCopyVpcFirewallControlPolicyRequest, runtime: Util.RuntimeOptions): BatchCopyVpcFirewallControlPolicyResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.sourceIp)) {
    query['SourceIp'] = request.sourceIp;
  }
  if (!Util.isUnset(request.sourceVpcFirewallId)) {
    query['SourceVpcFirewallId'] = request.sourceVpcFirewallId;
  }
  if (!Util.isUnset(request.targetVpcFirewallId)) {
    query['TargetVpcFirewallId'] = request.targetVpcFirewallId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'BatchCopyVpcFirewallControlPolicy',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Copies all access control policies from a policy group of a source virtual private cloud (VPC) firewall to a policy group of a destination VPC firewall.
 *
 * @description You can call the BatchCopyVpcFirewallControlPolicy operation to copy all access control policies from a policy group of a source VPC firewall to a policy group of a destination VPC firewall.  
 * Before you call this operation, we recommend that you back up access control policies. For more information about how to back up an access control policy, see [Back up an access control policy](https://www.alibabacloud.com/help/en/cloud-firewall/latest/back-up-and-roll-back-an-access-control-policy).  
 * After you call this operation, all the access control policies in the policy group of the destination VPC firewall are replaced.  
 * The policy groups of the source VPC firewall and the destination VPC firewall must belong to the same Alibaba Cloud account.  
 * ## Limits
 * You can call this operation up to 10 times per second per account. When the number of calls to this operation per second exceeds the limit, throttling is triggered. Throttling may affect your business. We recommend that you take note of the limit on this operation.
 *
 * @param request BatchCopyVpcFirewallControlPolicyRequest
 * @return BatchCopyVpcFirewallControlPolicyResponse
 */
async function batchCopyVpcFirewallControlPolicy(request: BatchCopyVpcFirewallControlPolicyRequest): BatchCopyVpcFirewallControlPolicyResponse {
  var runtime = new Util.RuntimeOptions{};
  return batchCopyVpcFirewallControlPolicyWithOptions(request, runtime);
}

model BatchDeleteVpcFirewallControlPolicyRequest {
  aclUuidList?: [ string ](name='AclUuidList', description='The UUIDs of access control policies.

This parameter is required.'),
  vpcFirewallId?: string(name='VpcFirewallId', description='The instance ID of the VPC firewall.

This parameter is required.', example='vfw-m5e7dbc4y****'),
}

model BatchDeleteVpcFirewallControlPolicyResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='B2841452-CB8D-4F7D-B247-38E1CF7334F8'),
}

model BatchDeleteVpcFirewallControlPolicyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: BatchDeleteVpcFirewallControlPolicyResponseBody(name='body'),
}

/**
 * @summary Deletes multiple access control policies for a virtual private cloud (VPC) firewall at a time.
 *
 * @param request BatchDeleteVpcFirewallControlPolicyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return BatchDeleteVpcFirewallControlPolicyResponse
 */
async function batchDeleteVpcFirewallControlPolicyWithOptions(request: BatchDeleteVpcFirewallControlPolicyRequest, runtime: Util.RuntimeOptions): BatchDeleteVpcFirewallControlPolicyResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.aclUuidList)) {
    query['AclUuidList'] = request.aclUuidList;
  }
  if (!Util.isUnset(request.vpcFirewallId)) {
    query['VpcFirewallId'] = request.vpcFirewallId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'BatchDeleteVpcFirewallControlPolicy',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Deletes multiple access control policies for a virtual private cloud (VPC) firewall at a time.
 *
 * @param request BatchDeleteVpcFirewallControlPolicyRequest
 * @return BatchDeleteVpcFirewallControlPolicyResponse
 */
async function batchDeleteVpcFirewallControlPolicy(request: BatchDeleteVpcFirewallControlPolicyRequest): BatchDeleteVpcFirewallControlPolicyResponse {
  var runtime = new Util.RuntimeOptions{};
  return batchDeleteVpcFirewallControlPolicyWithOptions(request, runtime);
}

model CreateDownloadTaskRequest {
  lang?: string(name='Lang', description='The language of the content within the response.

Valid values:

*   **zh**: Chinese (default)
*   **en**: English', example='zh'),
  taskData?: string(name='TaskData', description='The query condition of the download task.', example='{\\\\"SearchItem\\\\":\\\\"\\\\",\\\\"UserType\\\\":\\\\"buy\\\\",\\\\"IpVersion\\\\":\\\\"4\\\\"}'),
  taskType?: string(name='TaskType', description='The type of the task. For more information about task types, see the descriptions in the "DescribeDownloadTaskType" topic.', example='InternetFirewallAsset'),
  timeZone?: string(name='TimeZone', description='The time zone of the time information in the downloaded file. The value must be an identifier of a time zone in the Internet Assigned Numbers Authority (IANA) database. The default value is Asia/Shanghai, which indicates UTC+8.', example='Asia/Shanghai'),
}

model CreateDownloadTaskResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='E7F333E0-7B70-54DA-A307-4B2B49DEE923'),
  status?: string(name='Status', description='The status of the task. Valid values:

finish: The task finished. You can query the task to obtain the download link of the file.

start: The task start.

error: An error occurred.

expire: The task file is invalid and cannot be downloaded.', example='start'),
  taskId?: long(name='TaskId', description='The unique ID of the task.', example='132'),
  taskName?: string(name='TaskName', description='The name of the file download task.', example='Internet Boundary Firewall Assets - IPv4'),
}

model CreateDownloadTaskResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: CreateDownloadTaskResponseBody(name='body'),
}

/**
 * @summary Creates a file download task.
 *
 * @param request CreateDownloadTaskRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return CreateDownloadTaskResponse
 */
async function createDownloadTaskWithOptions(request: CreateDownloadTaskRequest, runtime: Util.RuntimeOptions): CreateDownloadTaskResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.taskData)) {
    query['TaskData'] = request.taskData;
  }
  if (!Util.isUnset(request.taskType)) {
    query['TaskType'] = request.taskType;
  }
  if (!Util.isUnset(request.timeZone)) {
    query['TimeZone'] = request.timeZone;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'CreateDownloadTask',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Creates a file download task.
 *
 * @param request CreateDownloadTaskRequest
 * @return CreateDownloadTaskResponse
 */
async function createDownloadTask(request: CreateDownloadTaskRequest): CreateDownloadTaskResponse {
  var runtime = new Util.RuntimeOptions{};
  return createDownloadTaskWithOptions(request, runtime);
}

model CreateNatFirewallControlPolicyRequest {
  aclAction?: string(name='AclAction', description='The action that Cloud Firewall performs on the traffic.

Valid values:

*   **accept**: allows the traffic.
*   **drop**: denies the traffic.
*   **log**: monitors the traffic.

This parameter is required.', example='log'),
  applicationNameList?: [ string ](name='ApplicationNameList', description='The application types supported by the access control policy.

This parameter is required.'),
  description?: string(name='Description', description='The description of the access control policy.

This parameter is required.', example='allow'),
  destPort?: string(name='DestPort', description='The destination port in the access control policy. Valid values:

*   If Proto is set to ICMP, DestPort is automatically left empty.

> If Proto is set to ICMP, access control does not take effect on the destination port.

*   If Proto is set to TCP, UDP, or ANY and DestPortType is set to group, DestPort is empty.

> If DestPortType is set to group, you do not need to specify the destination port number. All ports on which the access control policy takes effect are included in the destination port address book.

*   If Proto is set to TCP, UDP, or ANY and DestPortType is set to port, the value of DestPort is the destination port number.', example='80'),
  destPortGroup?: string(name='DestPortGroup', description='The name of the destination port address book in the access control policy.

> If DestPortType is set to group, you must specify the name of the destination port address book.', example='my_port_group'),
  destPortType?: string(name='DestPortType', description='The type of the destination port in the access control policy. Valid values:

*   **port**: port
*   **group**: port address book', example='port'),
  destination?: string(name='Destination', description='The destination address in the access control policy.

Valid values:

*   If DestinationType is set to net, the value of this parameter is a CIDR block.

    Example: 1.2.XX.XX/24

*   If DestinationType is set to group, the value of this parameter is an address book.

    Example: db_group

*   If DestinationType is set to domain, the value of this parameter is a domain name.

    Example: \\\\*.aliyuncs.com

*   If DestinationType is set to location, the value of this parameter is a location.

    Example: ["BJ11", "ZB"]

This parameter is required.', example='XX.XX.XX.XX/24'),
  destinationType?: string(name='DestinationType', description='The type of the destination address in the access control policy.

Valid values:

*   **net**: CIDR block
*   **group**: address book
*   **domain**: domain name

This parameter is required.', example='net'),
  direction?: string(name='Direction', description='The direction of the traffic to which the access control policy applies. Valid value:

*   **out**: outbound.

This parameter is required.', example='out'),
  domainResolveType?: int32(name='DomainResolveType', description='The domain name resolution method of the access control policy. Valid values:

*   **0**: fully qualified domain name (FQDN)-based resolution
*   **1**: Domain Name System (DNS)-based dynamic resolution
*   **2**: FQDN and DNS-based dynamic resolution', example='0'),
  endTime?: long(name='EndTime', description='The time when the access control policy stops taking effect. The value is a UNIX timestamp. Unit: seconds. The value must be on the hour or on the half hour, and at least 30 minutes later than the value of StartTime.

>  If RepeatType is set to Permanent, EndTime is left empty. If RepeatType is set to None, Daily, Weekly, or Monthly, this parameter must be specified.', example='1694764800'),
  ipVersion?: string(name='IpVersion', description='The IP version supported by the access control policy. Valid values:

*   **4**: IPv4 (default)', example='4'),
  lang?: string(name='Lang', description='The language of the content within the response.

Valid values:

*   **zh**: Chinese (default)
*   **en**: English', example='zh'),
  natGatewayId?: string(name='NatGatewayId', description='The ID of the NAT gateway.

This parameter is required.', example='ngx-xxxxxxx'),
  newOrder?: string(name='NewOrder', description='The priority of the access control policy. The priority value starts from 1. A small priority value indicates a high priority.

This parameter is required.', example='1'),
  proto?: string(name='Proto', description='The protocol type in the access control policy.

Valid values:

*   ANY: all types of protocols.
*   TCP
*   UDP
*   ICMP

>  If the destination address is a threat intelligence address book of the domain name type or a cloud service address book, you can set Proto only to TCP and set ApplicationNameList to HTTP, HTTPS, SMTP, SMTPS, or SSL.

This parameter is required.', example='ANY'),
  release?: string(name='Release', description='Specifies whether to enable the access control policy. By default, an access control policy is enabled after it is created. Valid values:

*   **true**
*   **false**', example='true'),
  repeatDays?: [ long ](name='RepeatDays', description='The days of a week or of a month on which the access control policy takes effect.

*   If RepeatType is set to `Permanent`, `None`, or `Daily`, RepeatDays is left empty. Example: [].
*   If RepeatType is set to Weekly, RepeatDays must be specified. Example: [0, 6].

>  If RepeatType is set to Weekly, the fields in the value of RepeatDays cannot be repeated.

*   If RepeatType is set to `Monthly`, RepeatDays must be specified. Example: [1, 31].

>  If RepeatType is set to Monthly, the fields in the value of RepeatDays cannot be repeated.'),
  repeatEndTime?: string(name='RepeatEndTime', description='The point in time when the recurrence ends. Example: 23:30. The value must be on the hour or on the half hour, and at least 30 minutes later than the value of RepeatStartTime.

>  If RepeatType is set to Permanent or None, RepeatEndTime is left empty. If RepeatType is set to Daily, Weekly, or Monthly, this parameter must be specified.', example='23:30'),
  repeatStartTime?: string(name='RepeatStartTime', description='The point in time when the recurrence starts. Example: 08:00. The value must be on the hour or on the half hour, and at least 30 minutes earlier than the value of RepeatEndTime.

>  If RepeatType is set to Permanent or None, RepeatStartTime is left empty. If RepeatType is set to Daily, Weekly, or Monthly, this parameter must be specified.', example='08:00'),
  repeatType?: string(name='RepeatType', description='The recurrence type for the access control policy to take effect. Valid values:

*   **Permanent** (default): The policy always takes effect.
*   **None**: The policy takes effect for only once.
*   **Daily**: The policy takes effect on a daily basis.
*   **Weekly**: The policy takes effect on a weekly basis.
*   **Monthly**: The policy takes effect on a monthly basis.', example='Permanent'),
  source?: string(name='Source', description='The source address in the access control policy.

Valid values:

*   If **SourceType** is set to `net`, the value of Source is a CIDR block.

    Example: 10.2.4.0/24

*   If **SourceType** is set to `group`, the value of this parameter must be an address book name.

    Example: db_group

This parameter is required.', example='192.168.0.25/32'),
  sourceType?: string(name='SourceType', description='The type of the source address in the access control policy.

Valid values:

*   **net**: source CIDR block
*   **group**: source address book

This parameter is required.', example='net'),
  startTime?: long(name='StartTime', description='The time when the access control policy starts to take effect. The value is a UNIX timestamp. Unit: seconds. The value must be on the hour or on the half hour, and at least 30 minutes earlier than the value of EndTime.

>  If RepeatType is set to Permanent, StartTime is left empty. If RepeatType is set to None, Daily, Weekly, or Monthly, this parameter must be specified.', example='1694761200'),
}

model CreateNatFirewallControlPolicyResponseBody = {
  aclUuid?: string(name='AclUuid', description='The unique ID of the access control policy.

>  To modify an access control policy, you must specify the unique ID of the policy. You can call the DescribeNatFirewallControlPolicy operation to obtain the ID.', example='6504d2fb-ab36-49c3-92a6-822a56549783'),
  requestId?: string(name='RequestId', description='The request ID.', example='0DC783F1-B3A7-578D-8A63-687CC9B82C0A'),
}

model CreateNatFirewallControlPolicyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: CreateNatFirewallControlPolicyResponseBody(name='body'),
}

/**
 * @summary Creates an access control policy for a NAT firewall.
 *
 * @description You can call this operation to create a policy that allows, denies, or monitors the traffic that passes through the NAT firewall.
 *
 * @param request CreateNatFirewallControlPolicyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return CreateNatFirewallControlPolicyResponse
 */
async function createNatFirewallControlPolicyWithOptions(request: CreateNatFirewallControlPolicyRequest, runtime: Util.RuntimeOptions): CreateNatFirewallControlPolicyResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.aclAction)) {
    query['AclAction'] = request.aclAction;
  }
  if (!Util.isUnset(request.applicationNameList)) {
    query['ApplicationNameList'] = request.applicationNameList;
  }
  if (!Util.isUnset(request.description)) {
    query['Description'] = request.description;
  }
  if (!Util.isUnset(request.destPort)) {
    query['DestPort'] = request.destPort;
  }
  if (!Util.isUnset(request.destPortGroup)) {
    query['DestPortGroup'] = request.destPortGroup;
  }
  if (!Util.isUnset(request.destPortType)) {
    query['DestPortType'] = request.destPortType;
  }
  if (!Util.isUnset(request.destination)) {
    query['Destination'] = request.destination;
  }
  if (!Util.isUnset(request.destinationType)) {
    query['DestinationType'] = request.destinationType;
  }
  if (!Util.isUnset(request.direction)) {
    query['Direction'] = request.direction;
  }
  if (!Util.isUnset(request.domainResolveType)) {
    query['DomainResolveType'] = request.domainResolveType;
  }
  if (!Util.isUnset(request.endTime)) {
    query['EndTime'] = request.endTime;
  }
  if (!Util.isUnset(request.ipVersion)) {
    query['IpVersion'] = request.ipVersion;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.natGatewayId)) {
    query['NatGatewayId'] = request.natGatewayId;
  }
  if (!Util.isUnset(request.newOrder)) {
    query['NewOrder'] = request.newOrder;
  }
  if (!Util.isUnset(request.proto)) {
    query['Proto'] = request.proto;
  }
  if (!Util.isUnset(request.release)) {
    query['Release'] = request.release;
  }
  if (!Util.isUnset(request.repeatDays)) {
    query['RepeatDays'] = request.repeatDays;
  }
  if (!Util.isUnset(request.repeatEndTime)) {
    query['RepeatEndTime'] = request.repeatEndTime;
  }
  if (!Util.isUnset(request.repeatStartTime)) {
    query['RepeatStartTime'] = request.repeatStartTime;
  }
  if (!Util.isUnset(request.repeatType)) {
    query['RepeatType'] = request.repeatType;
  }
  if (!Util.isUnset(request.source)) {
    query['Source'] = request.source;
  }
  if (!Util.isUnset(request.sourceType)) {
    query['SourceType'] = request.sourceType;
  }
  if (!Util.isUnset(request.startTime)) {
    query['StartTime'] = request.startTime;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'CreateNatFirewallControlPolicy',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Creates an access control policy for a NAT firewall.
 *
 * @description You can call this operation to create a policy that allows, denies, or monitors the traffic that passes through the NAT firewall.
 *
 * @param request CreateNatFirewallControlPolicyRequest
 * @return CreateNatFirewallControlPolicyResponse
 */
async function createNatFirewallControlPolicy(request: CreateNatFirewallControlPolicyRequest): CreateNatFirewallControlPolicyResponse {
  var runtime = new Util.RuntimeOptions{};
  return createNatFirewallControlPolicyWithOptions(request, runtime);
}

model CreateSecurityProxyRequest {
  firewallSwitch?: string(name='FirewallSwitch', description='The status of the NAT firewall. Valid values:

*   **open**: enabled
*   **close**: disabled', example='close'),
  lang?: string(name='Lang', description='The language of the content within the response. Valid values:

*   **zh** (default): Chinese
*   **en**: English', example='zh'),
  natGatewayId?: string(name='NatGatewayId', description='The ID of the NAT gateway.

This parameter is required.', example='ngw-bp1okz6k7s4n4mnk5f1g3'),
  natRouteEntryList?: [ 
    {
      destinationCidr?: string(name='DestinationCidr', description='The destination CIDR block of the default route.

This parameter is required.', example='0.0.0.0/0'),
      nextHopId?: string(name='NextHopId', description='The next hop of the original NAT gateway.

This parameter is required.', example='ngw-bp1okz6k7s4n4mnk5f1g3'),
      nextHopType?: string(name='NextHopType', description='The network type of the next hop. Set the value to NatGateway.

This parameter is required.', example='NatGateway'),
      routeTableId?: string(name='RouteTableId', description='The route table to which the default route of the NAT gateway belongs.

This parameter is required.', example='vtb-2ze13wrgz7wsu9yiqeffg'),
    }
  ](name='NatRouteEntryList', description='The routes to be switched to the NAT gateway.

This parameter is required.'),
  proxyName?: string(name='ProxyName', description='The name of the NAT firewall. The name must be 4 to 50 characters in length, and can contain letters, digits, and underscores (_). However, it cannot start with an underscore.

This parameter is required.', example='nat-idmp-fir'),
  regionNo?: string(name='RegionNo', description='The region ID of the virtual private cloud (VPC).

>  For more information about Cloud Firewall supported regions, see [Supported regions](https://help.aliyun.com/document_detail/195657.html).

This parameter is required.', example='cn-hangzhou'),
  strictMode?: int32(name='StrictMode', description='Specifies whether to enable the strict mode. Valid values:

*   1: yes
*   0: no', example='0'),
  vpcId?: string(name='VpcId', description='The ID of the VPC.

This parameter is required.', example='vpc-uf6b5lyul0xfgv74i01ph'),
  vswitchAuto?: string(name='VswitchAuto', description='The mode of the vSwitch that you want to use. Valid values:

*   **true**: automatic
*   **false**: manual', example='true'),
  vswitchCidr?: string(name='VswitchCidr', description='The CIDR block of the vSwitch.', example='0.0.0.0/0'),
  vswitchId?: string(name='VswitchId', description='The ID of the vSwitch. This parameter is required if you set the VswitchAuto parameter to true.', example='vsw-bp1sqg9wms9w9y1uxcs1x'),
}

model CreateSecurityProxyResponseBody = {
  proxyId?: string(name='ProxyId', description='The ID of the NAT firewall.', example='proxy-nat97ac4d7cc3834a5daf40'),
  requestId?: string(name='RequestId', description='The request ID.', example='15FCCC52-1E23-57AE-B5EF-3E00A3DC3CAB'),
}

model CreateSecurityProxyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: CreateSecurityProxyResponseBody(name='body'),
}

/**
 * @summary Creates a NAT firewall.
 *
 * @param request CreateSecurityProxyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return CreateSecurityProxyResponse
 */
async function createSecurityProxyWithOptions(request: CreateSecurityProxyRequest, runtime: Util.RuntimeOptions): CreateSecurityProxyResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.firewallSwitch)) {
    query['FirewallSwitch'] = request.firewallSwitch;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.natGatewayId)) {
    query['NatGatewayId'] = request.natGatewayId;
  }
  if (!Util.isUnset(request.natRouteEntryList)) {
    query['NatRouteEntryList'] = request.natRouteEntryList;
  }
  if (!Util.isUnset(request.proxyName)) {
    query['ProxyName'] = request.proxyName;
  }
  if (!Util.isUnset(request.regionNo)) {
    query['RegionNo'] = request.regionNo;
  }
  if (!Util.isUnset(request.strictMode)) {
    query['StrictMode'] = request.strictMode;
  }
  if (!Util.isUnset(request.vpcId)) {
    query['VpcId'] = request.vpcId;
  }
  if (!Util.isUnset(request.vswitchAuto)) {
    query['VswitchAuto'] = request.vswitchAuto;
  }
  if (!Util.isUnset(request.vswitchCidr)) {
    query['VswitchCidr'] = request.vswitchCidr;
  }
  if (!Util.isUnset(request.vswitchId)) {
    query['VswitchId'] = request.vswitchId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'CreateSecurityProxy',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Creates a NAT firewall.
 *
 * @param request CreateSecurityProxyRequest
 * @return CreateSecurityProxyResponse
 */
async function createSecurityProxy(request: CreateSecurityProxyRequest): CreateSecurityProxyResponse {
  var runtime = new Util.RuntimeOptions{};
  return createSecurityProxyWithOptions(request, runtime);
}

model CreateSlsLogDispatchRequest {
  slsRegionId?: string(name='SlsRegionId', description='The region ID of the Simple Log Service project.', example='ap-southeast-1'),
  ttl?: long(name='Ttl', description='The log retention period. Unit: days.', example='20'),
}

model CreateSlsLogDispatchResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='850A84D6************00090125EEB1'),
}

model CreateSlsLogDispatchResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: CreateSlsLogDispatchResponseBody(name='body'),
}

/**
 * @summary 创建云防火墙SLS日志投递
 *
 * @param request CreateSlsLogDispatchRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return CreateSlsLogDispatchResponse
 */
async function createSlsLogDispatchWithOptions(request: CreateSlsLogDispatchRequest, runtime: Util.RuntimeOptions): CreateSlsLogDispatchResponse {
  Util.validateModel(request);
  var body : map[string]any = {};
  if (!Util.isUnset(request.slsRegionId)) {
    body['SlsRegionId'] = request.slsRegionId;
  }
  if (!Util.isUnset(request.ttl)) {
    body['Ttl'] = request.ttl;
  }
  var req = new OpenApi.OpenApiRequest{ 
    body = OpenApiUtil.parseToMap(body),
  };
  var params = new OpenApi.Params{
    action = 'CreateSlsLogDispatch',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary 创建云防火墙SLS日志投递
 *
 * @param request CreateSlsLogDispatchRequest
 * @return CreateSlsLogDispatchResponse
 */
async function createSlsLogDispatch(request: CreateSlsLogDispatchRequest): CreateSlsLogDispatchResponse {
  var runtime = new Util.RuntimeOptions{};
  return createSlsLogDispatchWithOptions(request, runtime);
}

model CreateTrFirewallV2Request {
  cenId?: string(name='CenId', description='The ID of the Cloud Enterprise Network (CEN) instance.', example='cen-4xbjup276au29r****'),
  firewallDescription?: string(name='FirewallDescription', description='The description of the firewall.', example='vfw-sz'),
  firewallName?: string(name='FirewallName', description='The name of the firewall.', example='cfw_test2'),
  firewallSubnetCidr?: string(name='FirewallSubnetCidr', description='The subnet CIDR block of the VPC in which the ENI of the firewall is stored in automatic mode.', example='10.0.1.0/24'),
  firewallVpcCidr?: string(name='FirewallVpcCidr', description='The CIDR block that is allocated to the VPC created for the VPC firewall in automatic mode.', example='10.0.0.0/16'),
  firewallVpcId?: string(name='FirewallVpcId', description='The ID of the VPC in which the ENI associated with the VPC firewall is created in manual mode.', example='vpc-wz9r5qvryn0lg3atb****'),
  firewallVswitchId?: string(name='FirewallVswitchId', description='The ID of the vSwitch that is used to create the ENI in manual mode.', example='vsw-uf6ydz3vqj77mr5l6****'),
  lang?: string(name='Lang', description='The language of the content within the response. Valid values:

*   **zh**: Chinese (default)
*   **en**: English', example='zh'),
  regionNo?: string(name='RegionNo', description='The region ID of the route router.', example='cn-hangzhou'),
  routeMode?: string(name='RouteMode', description='The routing mode of the VPC firewall. Valid values:

*   **managed**: automatic mode
*   **manual**: manual mode', example='managed'),
  trAttachmentMasterCidr?: string(name='TrAttachmentMasterCidr', description='The primary subnet CIDR block that the VPC uses to connect to the transit router in automatic mode.', example='10.0.3.0/24'),
  trAttachmentMasterZone?: string(name='TrAttachmentMasterZone', description='The primary zone for the vSwitch.', example='cn-chengdu-a'),
  trAttachmentSlaveCidr?: string(name='TrAttachmentSlaveCidr', description='The secondary subnet CIDR block that the VPC uses to connect to the transit router in automatic mode.', example='10.0.0.16/28'),
  trAttachmentSlaveZone?: string(name='TrAttachmentSlaveZone', description='The secondary zone for the vSwitch.', example='cn-chengdu-b'),
  transitRouterId?: string(name='TransitRouterId', description='The ID of the transit router.', example='tr-m5etmb2q7e0mxcur****'),
}

model CreateTrFirewallV2ResponseBody = {
  firewallId?: string(name='FirewallId', description='The instance ID of the VPC firewall.', example='vfw-tr-37e22bf0d9b34870****'),
  requestId?: string(name='RequestId', description='The request ID.', example='822B9125-6E1A-551C-8EAF-6E7AE7444B00'),
}

model CreateTrFirewallV2Response = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: CreateTrFirewallV2ResponseBody(name='body'),
}

/**
 * @summary Creates a virtual private cloud (VPC) firewall for a transit router.
 *
 * @param request CreateTrFirewallV2Request
 * @param runtime runtime options for this request RuntimeOptions
 * @return CreateTrFirewallV2Response
 */
async function createTrFirewallV2WithOptions(request: CreateTrFirewallV2Request, runtime: Util.RuntimeOptions): CreateTrFirewallV2Response {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.cenId)) {
    query['CenId'] = request.cenId;
  }
  if (!Util.isUnset(request.firewallDescription)) {
    query['FirewallDescription'] = request.firewallDescription;
  }
  if (!Util.isUnset(request.firewallName)) {
    query['FirewallName'] = request.firewallName;
  }
  if (!Util.isUnset(request.firewallSubnetCidr)) {
    query['FirewallSubnetCidr'] = request.firewallSubnetCidr;
  }
  if (!Util.isUnset(request.firewallVpcCidr)) {
    query['FirewallVpcCidr'] = request.firewallVpcCidr;
  }
  if (!Util.isUnset(request.firewallVpcId)) {
    query['FirewallVpcId'] = request.firewallVpcId;
  }
  if (!Util.isUnset(request.firewallVswitchId)) {
    query['FirewallVswitchId'] = request.firewallVswitchId;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.regionNo)) {
    query['RegionNo'] = request.regionNo;
  }
  if (!Util.isUnset(request.routeMode)) {
    query['RouteMode'] = request.routeMode;
  }
  if (!Util.isUnset(request.trAttachmentMasterCidr)) {
    query['TrAttachmentMasterCidr'] = request.trAttachmentMasterCidr;
  }
  if (!Util.isUnset(request.trAttachmentMasterZone)) {
    query['TrAttachmentMasterZone'] = request.trAttachmentMasterZone;
  }
  if (!Util.isUnset(request.trAttachmentSlaveCidr)) {
    query['TrAttachmentSlaveCidr'] = request.trAttachmentSlaveCidr;
  }
  if (!Util.isUnset(request.trAttachmentSlaveZone)) {
    query['TrAttachmentSlaveZone'] = request.trAttachmentSlaveZone;
  }
  if (!Util.isUnset(request.transitRouterId)) {
    query['TransitRouterId'] = request.transitRouterId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'CreateTrFirewallV2',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Creates a virtual private cloud (VPC) firewall for a transit router.
 *
 * @param request CreateTrFirewallV2Request
 * @return CreateTrFirewallV2Response
 */
async function createTrFirewallV2(request: CreateTrFirewallV2Request): CreateTrFirewallV2Response {
  var runtime = new Util.RuntimeOptions{};
  return createTrFirewallV2WithOptions(request, runtime);
}

model CreateTrFirewallV2RoutePolicyRequest {
  destCandidateList?: [ 
    {
      candidateId?: string(name='CandidateId', description='The ID of the traffic redirection instance.', example='vpc-2ze9epancaw8t4sha****'),
      candidateType?: string(name='CandidateType', description='The type of the traffic redirection instance.', example='VPC'),
    }
  ](name='DestCandidateList', description='The secondary traffic redirection instances.'),
  firewallId?: string(name='FirewallId', description='The instance ID of the VPC firewall.', example='vfw-tr-f8ce36689b224f77****'),
  lang?: string(name='Lang', description='The language of the content within the response. Valid values:

*   **zh** (default): Chinese
*   **en**: English', example='zh'),
  policyDescription?: string(name='PolicyDescription', description='The description of the traffic redirection instance.', example='test'),
  policyName?: string(name='PolicyName', description='The name of the traffic redirection instance.', example='TEST_VPC_FW'),
  policyType?: string(name='PolicyType', description='The type of the traffic redirection scenario of the VPC firewall. Valid values:

*   **fullmesh**: interconnected instances
*   **one_to_one**: instance to instance
*   **end_to_end**: instance to instances', example='fullmesh'),
  srcCandidateList?: [ 
    {
      candidateId?: string(name='CandidateId', description='The ID of the traffic redirection instance.', example='vpc-2ze9epancaw8t4sha****'),
      candidateType?: string(name='CandidateType', description='The type of the traffic redirection instance.', example='VPC'),
    }
  ](name='SrcCandidateList', description='The primary traffic redirection instances.'),
}

model CreateTrFirewallV2RoutePolicyShrinkRequest {
  destCandidateListShrink?: string(name='DestCandidateList', description='The secondary traffic redirection instances.'),
  firewallId?: string(name='FirewallId', description='The instance ID of the VPC firewall.', example='vfw-tr-f8ce36689b224f77****'),
  lang?: string(name='Lang', description='The language of the content within the response. Valid values:

*   **zh** (default): Chinese
*   **en**: English', example='zh'),
  policyDescription?: string(name='PolicyDescription', description='The description of the traffic redirection instance.', example='test'),
  policyName?: string(name='PolicyName', description='The name of the traffic redirection instance.', example='TEST_VPC_FW'),
  policyType?: string(name='PolicyType', description='The type of the traffic redirection scenario of the VPC firewall. Valid values:

*   **fullmesh**: interconnected instances
*   **one_to_one**: instance to instance
*   **end_to_end**: instance to instances', example='fullmesh'),
  srcCandidateListShrink?: string(name='SrcCandidateList', description='The primary traffic redirection instances.'),
}

model CreateTrFirewallV2RoutePolicyResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='C91D68BA-A0BE-51BF-A0F1-1CB5C57FE58D'),
  trFirewallRoutePolicyId?: string(name='TrFirewallRoutePolicyId', description='The ID of the routing policy.', example='policy-8ebed27e13e14ce2****'),
}

model CreateTrFirewallV2RoutePolicyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: CreateTrFirewallV2RoutePolicyResponseBody(name='body'),
}

/**
 * @summary Creates a routing policy for a VPC firewall of a transit router.
 *
 * @param tmpReq CreateTrFirewallV2RoutePolicyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return CreateTrFirewallV2RoutePolicyResponse
 */
async function createTrFirewallV2RoutePolicyWithOptions(tmpReq: CreateTrFirewallV2RoutePolicyRequest, runtime: Util.RuntimeOptions): CreateTrFirewallV2RoutePolicyResponse {
  Util.validateModel(tmpReq);
  var request = new CreateTrFirewallV2RoutePolicyShrinkRequest{};
  OpenApiUtil.convert(tmpReq, request);
  if (!Util.isUnset(tmpReq.destCandidateList)) {
    request.destCandidateListShrink = OpenApiUtil.arrayToStringWithSpecifiedStyle(tmpReq.destCandidateList, 'DestCandidateList', 'json');
  }
  if (!Util.isUnset(tmpReq.srcCandidateList)) {
    request.srcCandidateListShrink = OpenApiUtil.arrayToStringWithSpecifiedStyle(tmpReq.srcCandidateList, 'SrcCandidateList', 'json');
  }
  var query = {};
  if (!Util.isUnset(request.destCandidateListShrink)) {
    query['DestCandidateList'] = request.destCandidateListShrink;
  }
  if (!Util.isUnset(request.firewallId)) {
    query['FirewallId'] = request.firewallId;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.policyDescription)) {
    query['PolicyDescription'] = request.policyDescription;
  }
  if (!Util.isUnset(request.policyName)) {
    query['PolicyName'] = request.policyName;
  }
  if (!Util.isUnset(request.policyType)) {
    query['PolicyType'] = request.policyType;
  }
  if (!Util.isUnset(request.srcCandidateListShrink)) {
    query['SrcCandidateList'] = request.srcCandidateListShrink;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'CreateTrFirewallV2RoutePolicy',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Creates a routing policy for a VPC firewall of a transit router.
 *
 * @param request CreateTrFirewallV2RoutePolicyRequest
 * @return CreateTrFirewallV2RoutePolicyResponse
 */
async function createTrFirewallV2RoutePolicy(request: CreateTrFirewallV2RoutePolicyRequest): CreateTrFirewallV2RoutePolicyResponse {
  var runtime = new Util.RuntimeOptions{};
  return createTrFirewallV2RoutePolicyWithOptions(request, runtime);
}

model CreateVpcFirewallCenConfigureRequest {
  cenId?: string(name='CenId', description='The ID of the CEN instance.

This parameter is required.', example='cen-x5jayxou71ad73****'),
  firewallSwitch?: string(name='FirewallSwitch', description='Specifies whether to enable the VPC firewall. Valid values:

*   **open**: After you create the VPC firewall, the VPC firewall is automatically enabled. This is the default value.
*   **close**: After you create the VPC firewall, the VPC firewall is disabled. You can call the [ModifyVpcFirewallCenSwitchStatus](https://help.aliyun.com/document_detail/345780.html) operation to manually enable the VPC firewall.

This parameter is required.', example='open'),
  firewallVSwitchCidrBlock?: string(name='FirewallVSwitchCidrBlock', description='The CIDR block of the vSwitch that is automatically created for the VPC firewall. You must specify a CIDR block for the Cloud_Firewall_VSWITCH VPC that is automatically created for the VPC firewall for traffic redirection. The CIDR block does not conflict with your network plan. The subnet mask of the CIDR block must be less than or equal to 29 bits in length. The CIDR block of the vSwitch must be within the network segment of the VPC.

If you do not specify a value, the CIDR block 10.219.219.216/29 is automatically allocated.

>  This parameter takes effect only when you create a VPC firewall for the first time in the current CEN instance and region.'),
  firewallVpcCidrBlock?: string(name='FirewallVpcCidrBlock', description='The CIDR block of the VPC that is automatically created for the VPC firewall. You must specify a CIDR block for the Cloud_Firewall_VPC VPC that is automatically created for the VPC firewall for traffic redirection. The subnet mask of the CIDR block must be less than or equal to 28 bits in length.

If you do not specify a value, the CIDR block 10.0.0.0/8 is automatically allocated.

>  This parameter takes effect only when you create a VPC firewall for the first time in the current CEN instance and region.', example='10.0.0.0/8'),
  firewallVpcStandbyZoneId?: string(name='FirewallVpcStandbyZoneId', description='The ID of the backup availability zone to which the firewall belongs. The firewall will automatically switch to the backup availability zone to continue running only if the primary availability zone service is unavailable.
If this parameter is not filled, the backup availability zone for the firewall will be automatically assigned.
> This parameter is only effective when creating a VPC firewall for the first time in this CEN region.', example='cn-hangzhou-b'),
  firewallVpcZoneId?: string(name='FirewallVpcZoneId', description='The ID of the zone to which the vSwitch belongs. If your service is latency-sensitive, you can specify the same zone for the vSwitch of the firewall and the vSwitch of your business VPC to minimize latency.

If you do not specify a value, a zone is automatically assigned for the vSwitch.

>  This parameter takes effect only when you create a VPC firewall for the first time in the current CEN instance and region. For more information about zones that are supported by each region, see [Query zones](https://help.aliyun.com/document_detail/36064.html).', example='cn-hangzhou-a'),
  lang?: string(name='Lang', description='The language of the content within the request and response. Valid values:

*   **zh**: Chinese (default)
*   **en**: English', example='zh'),
  memberUid?: string(name='MemberUid', description='The UID of the member that is managed by your Alibaba Cloud account.', example='258039427902****'),
  networkInstanceId?: string(name='NetworkInstanceId', description='The ID of the VPC for which you want to create the VPC firewall.

This parameter is required.', example='vpc-bp10zlifxh6j0232w****'),
  vSwitchId?: string(name='VSwitchId', description='The ID of the vSwitch that is used to associate with the elastic network interface (ENI) required by the VPC firewall.', example='vsw-qzeaol304m***'),
  vpcFirewallName?: string(name='VpcFirewallName', description='The instance name of the VPC firewall.

This parameter is required.', example='Test instance'),
  vpcRegion?: string(name='VpcRegion', description='The ID of the region to which the VPC belongs.

> For more information about the regions, see [Supported regions](https://help.aliyun.com/document_detail/195657.html).

This parameter is required.', example='cn-hangzhou'),
}

model CreateVpcFirewallCenConfigureResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='850A84D6-0DE4-4797-A1E8-00090125h4j6'),
  vpcFirewallId?: string(name='VpcFirewallId', description='The instance ID of the VPC firewall.', example='vfw-m5e7dbc4y****'),
}

model CreateVpcFirewallCenConfigureResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: CreateVpcFirewallCenConfigureResponseBody(name='body'),
}

/**
 * @summary Creates a virtual private cloud (VPC) firewall to protect traffic between a specified VPC and a network instance that is attached to a Cloud Enterprise Network (CEN) instance.
 *
 * @description You can call the CreateVpcFirewallCenConfigure operation to create a VPC firewall. The VPC firewall protects mutual access traffic between a specified VPC and a network instance that is attached to a CEN instance. The network instance can be a VPC, a virtual border router (VBR), or a Cloud Connect Network (CCN) instance. The VPC firewall cannot protect mutual access traffic between VBRs, between CCN instances, or between VBRs and CCN instances. For more information, see [VPC firewall limits](https://help.aliyun.com/document_detail/172295.html).
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request CreateVpcFirewallCenConfigureRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return CreateVpcFirewallCenConfigureResponse
 */
async function createVpcFirewallCenConfigureWithOptions(request: CreateVpcFirewallCenConfigureRequest, runtime: Util.RuntimeOptions): CreateVpcFirewallCenConfigureResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.cenId)) {
    query['CenId'] = request.cenId;
  }
  if (!Util.isUnset(request.firewallSwitch)) {
    query['FirewallSwitch'] = request.firewallSwitch;
  }
  if (!Util.isUnset(request.firewallVSwitchCidrBlock)) {
    query['FirewallVSwitchCidrBlock'] = request.firewallVSwitchCidrBlock;
  }
  if (!Util.isUnset(request.firewallVpcCidrBlock)) {
    query['FirewallVpcCidrBlock'] = request.firewallVpcCidrBlock;
  }
  if (!Util.isUnset(request.firewallVpcStandbyZoneId)) {
    query['FirewallVpcStandbyZoneId'] = request.firewallVpcStandbyZoneId;
  }
  if (!Util.isUnset(request.firewallVpcZoneId)) {
    query['FirewallVpcZoneId'] = request.firewallVpcZoneId;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.memberUid)) {
    query['MemberUid'] = request.memberUid;
  }
  if (!Util.isUnset(request.networkInstanceId)) {
    query['NetworkInstanceId'] = request.networkInstanceId;
  }
  if (!Util.isUnset(request.vSwitchId)) {
    query['VSwitchId'] = request.vSwitchId;
  }
  if (!Util.isUnset(request.vpcFirewallName)) {
    query['VpcFirewallName'] = request.vpcFirewallName;
  }
  if (!Util.isUnset(request.vpcRegion)) {
    query['VpcRegion'] = request.vpcRegion;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'CreateVpcFirewallCenConfigure',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Creates a virtual private cloud (VPC) firewall to protect traffic between a specified VPC and a network instance that is attached to a Cloud Enterprise Network (CEN) instance.
 *
 * @description You can call the CreateVpcFirewallCenConfigure operation to create a VPC firewall. The VPC firewall protects mutual access traffic between a specified VPC and a network instance that is attached to a CEN instance. The network instance can be a VPC, a virtual border router (VBR), or a Cloud Connect Network (CCN) instance. The VPC firewall cannot protect mutual access traffic between VBRs, between CCN instances, or between VBRs and CCN instances. For more information, see [VPC firewall limits](https://help.aliyun.com/document_detail/172295.html).
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request CreateVpcFirewallCenConfigureRequest
 * @return CreateVpcFirewallCenConfigureResponse
 */
async function createVpcFirewallCenConfigure(request: CreateVpcFirewallCenConfigureRequest): CreateVpcFirewallCenConfigureResponse {
  var runtime = new Util.RuntimeOptions{};
  return createVpcFirewallCenConfigureWithOptions(request, runtime);
}

model CreateVpcFirewallConfigureRequest {
  firewallSwitch?: string(name='FirewallSwitch', description='The status of the VPC firewall after you create the firewall. Valid values:

*   **open**: After you create the VPC firewall, the VPC firewall is automatically enabled. This is the default value.
*   **close**: After you create the VPC firewall, the VPC firewall is disabled. To enable the firewall, you can call the [ModifyVpcFirewallSwitchStatus](https://help.aliyun.com/document_detail/342935.html) operation.

This parameter is required.', example='open'),
  lang?: string(name='Lang', description='The language of the content within the request and the response. Valid values:

*   **zh**: Chinese (default)
*   **en**: English.', example='zh'),
  localVpcCidrTableList?: string(name='LocalVpcCidrTableList', description='The CIDR blocks of the local VPC. The value is a JSON string that contains the following parameters:

*   **RouteTableId**: the ID of the route table for the local VPC.
*   **RouteEntryList**: The value is a JSON string that contains the DestinationCidr and NextHopInstanceId parameters. The DestinationCidr parameter indicates the destination CIDR block of the local VPC. The NextHopInstanceId parameter indicates the instance ID of the next hop for the local VPC.

This parameter is required.', example='[{"RouteTableId":"vtb-1234","RouteEntryList":[{"DestinationCidr":"192.168.XX.XX/24","NextHopInstanceId":"vrt-m5eb5me6c3l5sezae****"}]},{"RouteTableId":"vtb-1235","RouteEntryList":[{"DestinationCidr":"192.168.XX.XX/24","NextHopInstanceId":"vrt-m5eb5me6c3l5sezae****"}]}]'),
  localVpcId?: string(name='LocalVpcId', description='The ID of the local VPC.

This parameter is required.', example='vpc-8vbwbo90rq0anm6t****'),
  localVpcRegion?: string(name='LocalVpcRegion', description='The region ID of the local VPC.

>  For more information about the regions in which Cloud Firewall is available, see [Supported regions](https://help.aliyun.com/document_detail/195657.html).

This parameter is required.', example='cn-hangzhou'),
  memberUid?: string(name='MemberUid', description='The UID of the member that is managed by your Alibaba Cloud account.', example='258039427902****'),
  peerVpcCidrTableList?: string(name='PeerVpcCidrTableList', description='The CIDR blocks of the peer VPC. The value is a JSON string that contains the following parameters:

*   **RouteTableId**: the ID of the route table for the peer VPC.
*   **RouteEntryList**: The value is a JSON string that contains the DestinationCidr and NextHopInstanceId parameters. The DestinationCidr parameter indicates the destination CIDR block of the peer VPC. The NextHopInstanceId parameter indicates the instance ID of the next hop for the peer VPC.

This parameter is required.', example='[{"RouteTableId":"vtb-1234","RouteEntryList":[{"DestinationCidr":"192.168.XX.XX/24","NextHopInstanceId":"vrt-m5eb5me6c3l5sezae****"}]},{"RouteTableId":"vtb-1235","RouteEntryList":[{"DestinationCidr":"192.168.XX.XX/24","NextHopInstanceId":"vrt-m5eb5me6c3l5sezae****"}]}]'),
  peerVpcId?: string(name='PeerVpcId', description='The ID of the peer VPC.

This parameter is required.', example='vpc-wb8vbo90rq0anm6t****'),
  peerVpcRegion?: string(name='PeerVpcRegion', description='The region ID of the peer VPC.

>  For more information about Cloud Firewall supported regions, see [Supported regions](https://help.aliyun.com/document_detail/195657.html).

This parameter is required.', example='cn-shanghai'),
  vpcFirewallName?: string(name='VpcFirewallName', description='The instance name of the VPC firewall.

This parameter is required.', example='my-vpc-firewall'),
}

model CreateVpcFirewallConfigureResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='850A84D6-0DE4-4797-A1E8-00090125h4j6'),
  vpcFirewallId?: string(name='VpcFirewallId', description='The instance ID of the VPC firewall.', example='vfw-m5e7dbc4y****'),
}

model CreateVpcFirewallConfigureResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: CreateVpcFirewallConfigureResponseBody(name='body'),
}

/**
 * @summary Creates a Virtual Private Cloud (VPC) firewall to protect traffic between two VPCs that are connected by using an Express Connect.
 *
 * @description You can call this operation to create a VPC firewall. The VPC firewall controls traffic between two VPCs that are connected by using an Express Connect circuit. The VPC firewall does not control the mutual access traffic between VPCs that reside in different regions or belong to different Alibaba Cloud accounts. The firewall also does not control the mutual access traffic between VPCs and virtual border routers (VBRs). For more information, see [VPC firewall limits](https://help.aliyun.com/document_detail/172295.html).
 * ### [](#qps)QPS limit
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request CreateVpcFirewallConfigureRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return CreateVpcFirewallConfigureResponse
 */
async function createVpcFirewallConfigureWithOptions(request: CreateVpcFirewallConfigureRequest, runtime: Util.RuntimeOptions): CreateVpcFirewallConfigureResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.firewallSwitch)) {
    query['FirewallSwitch'] = request.firewallSwitch;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.localVpcCidrTableList)) {
    query['LocalVpcCidrTableList'] = request.localVpcCidrTableList;
  }
  if (!Util.isUnset(request.localVpcId)) {
    query['LocalVpcId'] = request.localVpcId;
  }
  if (!Util.isUnset(request.localVpcRegion)) {
    query['LocalVpcRegion'] = request.localVpcRegion;
  }
  if (!Util.isUnset(request.memberUid)) {
    query['MemberUid'] = request.memberUid;
  }
  if (!Util.isUnset(request.peerVpcCidrTableList)) {
    query['PeerVpcCidrTableList'] = request.peerVpcCidrTableList;
  }
  if (!Util.isUnset(request.peerVpcId)) {
    query['PeerVpcId'] = request.peerVpcId;
  }
  if (!Util.isUnset(request.peerVpcRegion)) {
    query['PeerVpcRegion'] = request.peerVpcRegion;
  }
  if (!Util.isUnset(request.vpcFirewallName)) {
    query['VpcFirewallName'] = request.vpcFirewallName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'CreateVpcFirewallConfigure',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Creates a Virtual Private Cloud (VPC) firewall to protect traffic between two VPCs that are connected by using an Express Connect.
 *
 * @description You can call this operation to create a VPC firewall. The VPC firewall controls traffic between two VPCs that are connected by using an Express Connect circuit. The VPC firewall does not control the mutual access traffic between VPCs that reside in different regions or belong to different Alibaba Cloud accounts. The firewall also does not control the mutual access traffic between VPCs and virtual border routers (VBRs). For more information, see [VPC firewall limits](https://help.aliyun.com/document_detail/172295.html).
 * ### [](#qps)QPS limit
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request CreateVpcFirewallConfigureRequest
 * @return CreateVpcFirewallConfigureResponse
 */
async function createVpcFirewallConfigure(request: CreateVpcFirewallConfigureRequest): CreateVpcFirewallConfigureResponse {
  var runtime = new Util.RuntimeOptions{};
  return createVpcFirewallConfigureWithOptions(request, runtime);
}

model CreateVpcFirewallControlPolicyRequest {
  aclAction?: string(name='AclAction', description='The action that Cloud Firewall performs on the traffic. Valid values:

- **accept**: allows the traffic.
- **drop**: blocks the traffic.
- **log**: monitors the traffic.

This parameter is required.', example='accept'),
  applicationName?: string(name='ApplicationName', description='The type of the applications that the access control policy supports. Valid values:

- **FTP**
- **HTTP**
- **HTTPS**
- **MySQL**
- **SMTP**
- **SMTPS**
- **RDP**
- **VNC**
- **SSH**
- **Redis**
- **MQTT**
- **MongoDB**
- **Memcache**
- **SSL**
- **ANY**: all types of applications', example='HTTP', deprecated=true),
  applicationNameList?: [ string ](name='ApplicationNameList', description='The application types supported by the access control policy.'),
  description?: string(name='Description', description='The description of the access control policy.

This parameter is required.', example='test'),
  destPort?: string(name='DestPort', description='The destination port in the access control policy. 

>  If **DestPortType** is set to `port`, you must specify this parameter.', example='80'),
  destPortGroup?: string(name='DestPortGroup', description='The name of the destination port address book in the access control policy. 

>  If **DestPortType** is set to `group`, you must specify this parameter.', example='my_port_group'),
  destPortType?: string(name='DestPortType', description='The type of the destination port in the access control policy. Valid values:

- **port**: port
- **group**: port address book', example='port'),
  destination?: string(name='Destination', description='The destination address in the access control policy. Valid values:

- If **DestinationType** is set to `net`, the value of **Destination** must be a CIDR block.
- If **DestinationType** is set to `group`, the value of **Destination** must be an address book.
- If **DestinationType** is set to `domain`, the value of **Destination** must be a domain name.

This parameter is required.', example='10.2.XX.XX/24'),
  destinationType?: string(name='DestinationType', description='The type of the destination address in the access control policy. Valid values:

- **net**: CIDR block
- **group**: address book
- **domain**: domain name

This parameter is required.', example='net'),
  domainResolveType?: string(name='DomainResolveType', description='The domain name resolution method of the access control policy. Valid values:

* **FQDN**: fully qualified domain name (FQDN)-based resolution
* **DNS**: DNS-based dynamic resolution
* **FQDN_AND_DNS**: FQDN and DNS-based dynamic resolution', example='DNS'),
  endTime?: long(name='EndTime', description='The time when the access control policy stops taking effect. The value is a UNIX timestamp. Unit: seconds. The value must be on the hour or on the half hour, and at least 30 minutes later than the start time.

>  If you set RepeatType to Permanent, leave this parameter empty. If you set RepeatType to None, Daily, Weekly, or Monthly, you must specify this parameter.', example='1694764800'),
  lang?: string(name='Lang', description='The language of the content within the request and response. Valid values:

- **zh**: Chinese (default)
- **en**: English', example='zh'),
  memberUid?: string(name='MemberUid', description='The UID of the member that is managed by your Alibaba Cloud account.', example='258039427902****'),
  newOrder?: string(name='NewOrder', description='The priority of the access control policy. 

The priority value starts from 1. A smaller priority value indicates a higher priority.

This parameter is required.', example='1'),
  proto?: string(name='Proto', description='The type of the protocol in the access control policy. Valid values:

- **ANY** (If you are not sure about the protocol type, you can set this parameter to ANY.)
- **TCP**
- **UDP**
- **ICMP**

This parameter is required.', example='TCP'),
  release?: string(name='Release', description='Specifies whether to enable the access control policy. By default, an access control policy is enabled after the policy is created. Valid values: 

- **true**: enables the access control policy.
- **false**: disables the access control policy.', example='true'),
  repeatDays?: [ long ](name='RepeatDays', description='The days of a week or of a month on which the access control policy takes effect.

*   If you set RepeatType to `Permanent`, `None`, or `Daily`, leave this parameter empty. Example: [].
*   If you set RepeatType to Weekly, you must specify this parameter. Example: [0, 6].

>  If you set RepeatType to Weekly, the fields in the value of this parameter cannot be repeated.

*   If you set RepeatType to `Monthly`, you must specify this parameter. Example: [1, 31].

>  If you set RepeatType to Monthly, the fields in the value of this parameter cannot be repeated.'),
  repeatEndTime?: string(name='RepeatEndTime', description='The point in time when the recurrence ends. Example: 23:30. The value must be on the hour or on the half hour, and at least 30 minutes later than the start time.

>  If you set RepeatType to Permanent or None, leave this parameter empty. If you set RepeatType to Daily, Weekly, or Monthly, you must specify this parameter.', example='23:30'),
  repeatStartTime?: string(name='RepeatStartTime', description='The point in time when the recurrence starts. Example: 08:00. The value must be on the hour or on the half hour, and at least 30 minutes earlier than the end time.

>  If you set RepeatType to Permanent or None, leave this parameter empty. If you set RepeatType to Daily, Weekly, or Monthly, you must specify this parameter.', example='08:00'),
  repeatType?: string(name='RepeatType', description='The recurrence type for the access control policy to take effect. Valid values:

*   **Permanent** (default): The policy always takes effect.
*   **None**: The policy takes effect for only once.
*   **Daily**: The policy takes effect on a daily basis.
*   **Weekly**: The policy takes effect on a weekly basis.
*   **Monthly**: The policy takes effect on a monthly basis.', example='Permanent'),
  source?: string(name='Source', description='The source address in the access control policy. 

- If SourceType is set to `net`, the value of Source must be a CIDR block.
- If SourceType is set to `group`, the value of Source must be an address book.

This parameter is required.', example='10.2.XX.XX/24'),
  sourceType?: string(name='SourceType', description='The type of the source address in the access control policy. Valid values:

- **net**: CIDR block
- **group**: address book

This parameter is required.', example='net'),
  startTime?: long(name='StartTime', description='The time when the access control policy starts to take effect. The value is a UNIX timestamp. Unit: seconds. The value must be on the hour or on the half hour, and at least 30 minutes earlier than the end time.

>  If you set RepeatType to Permanent, leave this parameter empty. If you set RepeatType to None, Daily, Weekly, or Monthly, you must specify this parameter.', example='1694761200'),
  vpcFirewallId?: string(name='VpcFirewallId', description='The ID of the policy group in which you want to create the access control policy. 

- If a VPC firewall protects the traffic between two VPCs that are connected by using a CEN instance, the value of this parameter must be the ID of the CEN instance.
- If a VPC firewall protects the traffic between two VPCs that are connected by using an Express Connect circuit, the value of this parameter must be the instance ID of the VPC firewall.

>  You can call the [DescribeVpcFirewallAclGroupList](https://www.alibabacloud.com/help/en/cloud-firewall/latest/describevpcfirewallaclgrouplist) operation to query the IDs.

This parameter is required.', example='vfw-a42bbb7b887148c9****'),
}

model CreateVpcFirewallControlPolicyResponseBody = {
  aclUuid?: string(name='AclUuid', description='The ID of the access control policy.', example='00281255-d220-4db1-8f4f-c4df221ad84c'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='CBF1E9B7-D6A0-4E9E-AD3E-2B47E6C2837D'),
}

model CreateVpcFirewallControlPolicyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: CreateVpcFirewallControlPolicyResponseBody(name='body'),
}

/**
 * @summary Creates an access control policy in a specified policy group for a virtual private cloud (VPC) firewall.
 *
 * @description You can call the CreateVpcFirewallControlPolicy operation to create an access control policy in a specified policy group for a VPC firewall. Different access control policies are used when a VPC firewall is used to protect traffic between two VPCs that are connected by using a Cloud Enterprise Network (CEN) instance or an Express Connect circuit.  
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request CreateVpcFirewallControlPolicyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return CreateVpcFirewallControlPolicyResponse
 */
async function createVpcFirewallControlPolicyWithOptions(request: CreateVpcFirewallControlPolicyRequest, runtime: Util.RuntimeOptions): CreateVpcFirewallControlPolicyResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.aclAction)) {
    query['AclAction'] = request.aclAction;
  }
  if (!Util.isUnset(request.applicationName)) {
    query['ApplicationName'] = request.applicationName;
  }
  if (!Util.isUnset(request.applicationNameList)) {
    query['ApplicationNameList'] = request.applicationNameList;
  }
  if (!Util.isUnset(request.description)) {
    query['Description'] = request.description;
  }
  if (!Util.isUnset(request.destPort)) {
    query['DestPort'] = request.destPort;
  }
  if (!Util.isUnset(request.destPortGroup)) {
    query['DestPortGroup'] = request.destPortGroup;
  }
  if (!Util.isUnset(request.destPortType)) {
    query['DestPortType'] = request.destPortType;
  }
  if (!Util.isUnset(request.destination)) {
    query['Destination'] = request.destination;
  }
  if (!Util.isUnset(request.destinationType)) {
    query['DestinationType'] = request.destinationType;
  }
  if (!Util.isUnset(request.domainResolveType)) {
    query['DomainResolveType'] = request.domainResolveType;
  }
  if (!Util.isUnset(request.endTime)) {
    query['EndTime'] = request.endTime;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.memberUid)) {
    query['MemberUid'] = request.memberUid;
  }
  if (!Util.isUnset(request.newOrder)) {
    query['NewOrder'] = request.newOrder;
  }
  if (!Util.isUnset(request.proto)) {
    query['Proto'] = request.proto;
  }
  if (!Util.isUnset(request.release)) {
    query['Release'] = request.release;
  }
  if (!Util.isUnset(request.repeatDays)) {
    query['RepeatDays'] = request.repeatDays;
  }
  if (!Util.isUnset(request.repeatEndTime)) {
    query['RepeatEndTime'] = request.repeatEndTime;
  }
  if (!Util.isUnset(request.repeatStartTime)) {
    query['RepeatStartTime'] = request.repeatStartTime;
  }
  if (!Util.isUnset(request.repeatType)) {
    query['RepeatType'] = request.repeatType;
  }
  if (!Util.isUnset(request.source)) {
    query['Source'] = request.source;
  }
  if (!Util.isUnset(request.sourceType)) {
    query['SourceType'] = request.sourceType;
  }
  if (!Util.isUnset(request.startTime)) {
    query['StartTime'] = request.startTime;
  }
  if (!Util.isUnset(request.vpcFirewallId)) {
    query['VpcFirewallId'] = request.vpcFirewallId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'CreateVpcFirewallControlPolicy',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Creates an access control policy in a specified policy group for a virtual private cloud (VPC) firewall.
 *
 * @description You can call the CreateVpcFirewallControlPolicy operation to create an access control policy in a specified policy group for a VPC firewall. Different access control policies are used when a VPC firewall is used to protect traffic between two VPCs that are connected by using a Cloud Enterprise Network (CEN) instance or an Express Connect circuit.  
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request CreateVpcFirewallControlPolicyRequest
 * @return CreateVpcFirewallControlPolicyResponse
 */
async function createVpcFirewallControlPolicy(request: CreateVpcFirewallControlPolicyRequest): CreateVpcFirewallControlPolicyResponse {
  var runtime = new Util.RuntimeOptions{};
  return createVpcFirewallControlPolicyWithOptions(request, runtime);
}

model DeleteAddressBookRequest {
  groupUuid?: string(name='GroupUuid', description='The ID of the address book.

To delete the address book, you must provide the ID of the address book. You can call the DescribeAddressBook operation to query the ID.

This parameter is required.', example='0657ab9d-fe8b-4174-b2a6-6baf358e****'),
  lang?: string(name='Lang', description='The natural language of the request and response. Valid values:

*   **zh**: Chinese (default)
*   **en**: English', example='zh'),
  sourceIp?: string(name='SourceIp', description='The source IP address of the request.', example='192.0.XX.XX', deprecated=true),
}

model DeleteAddressBookResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='850A84D6-0DE4-4797-A1E8-00090125EEB1'),
}

model DeleteAddressBookResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DeleteAddressBookResponseBody(name='body'),
}

/**
 * @summary Deletes an address book for access control.
 *
 * @description You can call the DeleteAddressBook operation to delete an address book for access control.  
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request DeleteAddressBookRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DeleteAddressBookResponse
 */
async function deleteAddressBookWithOptions(request: DeleteAddressBookRequest, runtime: Util.RuntimeOptions): DeleteAddressBookResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.groupUuid)) {
    query['GroupUuid'] = request.groupUuid;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.sourceIp)) {
    query['SourceIp'] = request.sourceIp;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DeleteAddressBook',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Deletes an address book for access control.
 *
 * @description You can call the DeleteAddressBook operation to delete an address book for access control.  
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request DeleteAddressBookRequest
 * @return DeleteAddressBookResponse
 */
async function deleteAddressBook(request: DeleteAddressBookRequest): DeleteAddressBookResponse {
  var runtime = new Util.RuntimeOptions{};
  return deleteAddressBookWithOptions(request, runtime);
}

model DeleteControlPolicyRequest {
  aclUuid?: string(name='AclUuid', description='The UUID of the access control policy.

To delete an access control policy, you must specify the UUID of the policy. You can call the [DescribeControlPolicy](https://help.aliyun.com/document_detail/138866.html) operation to query the UUID.

This parameter is required.', example='00281255-d220-4db1-8f4f-c4df221ad84c'),
  direction?: string(name='Direction', description='The direction of the traffic to which the access control policy applies.

Valid values:

*   **in**: inbound.
*   **out**: outbound.', example='in'),
  lang?: string(name='Lang', description='The language of the content within the request and response.

Valid values:

*   **zh** (default)
*   **en**', example='zh'),
  sourceIp?: string(name='SourceIp', description='The source IP address of the traffic.', example='192.0.XX.XX', deprecated=true),
}

model DeleteControlPolicyResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='CBF1E9B7-D6A0-4E9E-AD3E-2B47E6C2837D'),
}

model DeleteControlPolicyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DeleteControlPolicyResponseBody(name='body'),
}

/**
 * @summary Deletes an access control policy.
 *
 * @description You can call the DeleteControlPolicy operation to delete an access control policy that applies to inbound or outbound traffic.
 * ## [](#qps-)Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request DeleteControlPolicyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DeleteControlPolicyResponse
 */
async function deleteControlPolicyWithOptions(request: DeleteControlPolicyRequest, runtime: Util.RuntimeOptions): DeleteControlPolicyResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.aclUuid)) {
    query['AclUuid'] = request.aclUuid;
  }
  if (!Util.isUnset(request.direction)) {
    query['Direction'] = request.direction;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.sourceIp)) {
    query['SourceIp'] = request.sourceIp;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DeleteControlPolicy',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Deletes an access control policy.
 *
 * @description You can call the DeleteControlPolicy operation to delete an access control policy that applies to inbound or outbound traffic.
 * ## [](#qps-)Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request DeleteControlPolicyRequest
 * @return DeleteControlPolicyResponse
 */
async function deleteControlPolicy(request: DeleteControlPolicyRequest): DeleteControlPolicyResponse {
  var runtime = new Util.RuntimeOptions{};
  return deleteControlPolicyWithOptions(request, runtime);
}

model DeleteControlPolicyTemplateRequest {
  lang?: string(name='Lang', description='The language of the content within the request and response. Valid values:

*   **zh** (default): Chinese
*   **en**: English', example='en'),
  sourceIp?: string(name='SourceIp', description='The source IP address of the request.', example='61.178.12.52'),
  templateId?: string(name='TemplateId', description='The ID of the access control policy template.

This parameter is required.', example='719ce620-ae23-4e42-9f93-9191b4400b55'),
}

model DeleteControlPolicyTemplateResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='4E7F94C7-781F-5192-86CF-DB085013C810'),
}

model DeleteControlPolicyTemplateResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DeleteControlPolicyTemplateResponseBody(name='body'),
}

/**
 * @summary Deletes an access control policy template.
 *
 * @param request DeleteControlPolicyTemplateRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DeleteControlPolicyTemplateResponse
 */
async function deleteControlPolicyTemplateWithOptions(request: DeleteControlPolicyTemplateRequest, runtime: Util.RuntimeOptions): DeleteControlPolicyTemplateResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.sourceIp)) {
    query['SourceIp'] = request.sourceIp;
  }
  if (!Util.isUnset(request.templateId)) {
    query['TemplateId'] = request.templateId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DeleteControlPolicyTemplate',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Deletes an access control policy template.
 *
 * @param request DeleteControlPolicyTemplateRequest
 * @return DeleteControlPolicyTemplateResponse
 */
async function deleteControlPolicyTemplate(request: DeleteControlPolicyTemplateRequest): DeleteControlPolicyTemplateResponse {
  var runtime = new Util.RuntimeOptions{};
  return deleteControlPolicyTemplateWithOptions(request, runtime);
}

model DeleteDownloadTaskRequest {
  lang?: string(name='Lang', description='The language of the content within the request and response. Valid values:

*   **zh** (default): Chinese
*   **en**: English', example='zh'),
  taskId?: string(name='TaskId', description='The ID of the file download task.', example='4376'),
}

model DeleteDownloadTaskResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='064022A8-F415-572C-B3C1-657152833F11'),
}

model DeleteDownloadTaskResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DeleteDownloadTaskResponseBody(name='body'),
}

/**
 * @summary Deletes file download tasks.
 *
 * @description You can call this operation to delete file download tasks and delete the files.
 * **
 * **Warning** Both tasks and involved files are deleted. You can no longer download the involved files by using the download links. This operation is irreversible. Proceed with caution.
 *
 * @param request DeleteDownloadTaskRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DeleteDownloadTaskResponse
 */
async function deleteDownloadTaskWithOptions(request: DeleteDownloadTaskRequest, runtime: Util.RuntimeOptions): DeleteDownloadTaskResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.taskId)) {
    query['TaskId'] = request.taskId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DeleteDownloadTask',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Deletes file download tasks.
 *
 * @description You can call this operation to delete file download tasks and delete the files.
 * **
 * **Warning** Both tasks and involved files are deleted. You can no longer download the involved files by using the download links. This operation is irreversible. Proceed with caution.
 *
 * @param request DeleteDownloadTaskRequest
 * @return DeleteDownloadTaskResponse
 */
async function deleteDownloadTask(request: DeleteDownloadTaskRequest): DeleteDownloadTaskResponse {
  var runtime = new Util.RuntimeOptions{};
  return deleteDownloadTaskWithOptions(request, runtime);
}

model DeleteFirewallV2RoutePoliciesRequest {
  firewallId?: string(name='FirewallId', description='The instance ID of the VPC firewall.', example='vfw-tr-d5ba592ac6c84aff****'),
  lang?: string(name='Lang', description='The language of the content within the response. Valid values:

*   **zh** (default): Chinese
*   **en**: English', example='zh'),
  trFirewallRoutePolicyId?: string(name='TrFirewallRoutePolicyId', description='The ID of the routing policy.', example='policy-2d06d3568fd74d60****'),
}

model DeleteFirewallV2RoutePoliciesResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='22B6B889-4E9F-56B3-AF3D-53749C477D1D'),
}

model DeleteFirewallV2RoutePoliciesResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DeleteFirewallV2RoutePoliciesResponseBody(name='body'),
}

/**
 * @summary Deletes routing policies for a virtual private cloud (VPC) firewall of a transit router.
 *
 * @param request DeleteFirewallV2RoutePoliciesRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DeleteFirewallV2RoutePoliciesResponse
 */
async function deleteFirewallV2RoutePoliciesWithOptions(request: DeleteFirewallV2RoutePoliciesRequest, runtime: Util.RuntimeOptions): DeleteFirewallV2RoutePoliciesResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.firewallId)) {
    query['FirewallId'] = request.firewallId;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.trFirewallRoutePolicyId)) {
    query['TrFirewallRoutePolicyId'] = request.trFirewallRoutePolicyId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DeleteFirewallV2RoutePolicies',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Deletes routing policies for a virtual private cloud (VPC) firewall of a transit router.
 *
 * @param request DeleteFirewallV2RoutePoliciesRequest
 * @return DeleteFirewallV2RoutePoliciesResponse
 */
async function deleteFirewallV2RoutePolicies(request: DeleteFirewallV2RoutePoliciesRequest): DeleteFirewallV2RoutePoliciesResponse {
  var runtime = new Util.RuntimeOptions{};
  return deleteFirewallV2RoutePoliciesWithOptions(request, runtime);
}

model DeleteInstanceMembersRequest {
  memberUids?: [ long ](name='MemberUids', description='The UIDs of the members.

This parameter is required.', example='1234123412341234'),
}

model DeleteInstanceMembersResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='03E8AA70-0CC9-42EA-97AA-EA68377930B4'),
}

model DeleteInstanceMembersResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DeleteInstanceMembersResponseBody(name='body'),
}

/**
 * @summary Removes members from Cloud Firewall.
 *
 * @description You can call this operation to remove up to 20 members from Cloud Firewall at a time. Separate multiple members with commas (,). After a member is removed, Cloud Firewall can no longer access the cloud resources of the member. Proceed with caution. Before you call this operation, call the [DescribeInstanceMembers](https://help.aliyun.com/document_detail/271704.html) operation to obtain the information about the members that are added to Cloud Firewall.
 * ## [](#qps-)Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request DeleteInstanceMembersRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DeleteInstanceMembersResponse
 */
async function deleteInstanceMembersWithOptions(request: DeleteInstanceMembersRequest, runtime: Util.RuntimeOptions): DeleteInstanceMembersResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.memberUids)) {
    query['MemberUids'] = request.memberUids;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DeleteInstanceMembers',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Removes members from Cloud Firewall.
 *
 * @description You can call this operation to remove up to 20 members from Cloud Firewall at a time. Separate multiple members with commas (,). After a member is removed, Cloud Firewall can no longer access the cloud resources of the member. Proceed with caution. Before you call this operation, call the [DescribeInstanceMembers](https://help.aliyun.com/document_detail/271704.html) operation to obtain the information about the members that are added to Cloud Firewall.
 * ## [](#qps-)Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request DeleteInstanceMembersRequest
 * @return DeleteInstanceMembersResponse
 */
async function deleteInstanceMembers(request: DeleteInstanceMembersRequest): DeleteInstanceMembersResponse {
  var runtime = new Util.RuntimeOptions{};
  return deleteInstanceMembersWithOptions(request, runtime);
}

model DeleteNatFirewallControlPolicyRequest {
  aclUuid?: string(name='AclUuid', description='The UUID of the access control policy.

To delete an access control policy, you must provide the ID of the policy. You can call the DescribeNatFirewallControlPolicy operation to query the UUIDs of access control policies.

This parameter is required.', example='b6c8f905-2eb6-442a-ba35-9416e9dbb2c5'),
  direction?: string(name='Direction', description='The direction of the traffic to which the access control policy applies.

Valid values:

*   **out**: outbound traffic

This parameter is required.', example='out'),
  lang?: string(name='Lang', description='The language of the content within the response. Valid values:

*   **zh**: Chinese (default)
*   **en**: English', example='zh'),
  natGatewayId?: string(name='NatGatewayId', description='The ID of the NAT gateway.

This parameter is required.', example='ngw-xxxxxx'),
}

model DeleteNatFirewallControlPolicyResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='31306869-C4BC-56F3-BBE6-C377CF9C8E1C'),
}

model DeleteNatFirewallControlPolicyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DeleteNatFirewallControlPolicyResponseBody(name='body'),
}

/**
 * @summary Deletes an access control policy that is created for a NAT firewall.
 *
 * @description You can use this operation to delete an outbound access control policy that is created for a NAT firewall.
 *
 * @param request DeleteNatFirewallControlPolicyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DeleteNatFirewallControlPolicyResponse
 */
async function deleteNatFirewallControlPolicyWithOptions(request: DeleteNatFirewallControlPolicyRequest, runtime: Util.RuntimeOptions): DeleteNatFirewallControlPolicyResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.aclUuid)) {
    query['AclUuid'] = request.aclUuid;
  }
  if (!Util.isUnset(request.direction)) {
    query['Direction'] = request.direction;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.natGatewayId)) {
    query['NatGatewayId'] = request.natGatewayId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DeleteNatFirewallControlPolicy',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Deletes an access control policy that is created for a NAT firewall.
 *
 * @description You can use this operation to delete an outbound access control policy that is created for a NAT firewall.
 *
 * @param request DeleteNatFirewallControlPolicyRequest
 * @return DeleteNatFirewallControlPolicyResponse
 */
async function deleteNatFirewallControlPolicy(request: DeleteNatFirewallControlPolicyRequest): DeleteNatFirewallControlPolicyResponse {
  var runtime = new Util.RuntimeOptions{};
  return deleteNatFirewallControlPolicyWithOptions(request, runtime);
}

model DeleteNatFirewallControlPolicyBatchRequest {
  aclUuidList?: [ string ](name='AclUuidList', description='The UUIDs of access control policies.

This parameter is required.'),
  direction?: string(name='Direction', description='The direction of the traffic to which the access control policy applies. Valid values:

*   **out**: outbound traffic', example='out'),
  lang?: string(name='Lang', description='The language of the content within the request and response. Valid values:

*   **zh** (default): Chinese
*   **en**: English', example='zh'),
  natGatewayId?: string(name='NatGatewayId', description='The ID of the NAT gateway.

This parameter is required.', example='ngw-uf6j0426ap74vd6vrb676'),
}

model DeleteNatFirewallControlPolicyBatchResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='450D47F5-956E-543E-8502-2F71C8C54E72'),
}

model DeleteNatFirewallControlPolicyBatchResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DeleteNatFirewallControlPolicyBatchResponseBody(name='body'),
}

/**
 * @summary Deletes access control policies that are created for a NAT firewall at a time.
 *
 * @param request DeleteNatFirewallControlPolicyBatchRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DeleteNatFirewallControlPolicyBatchResponse
 */
async function deleteNatFirewallControlPolicyBatchWithOptions(request: DeleteNatFirewallControlPolicyBatchRequest, runtime: Util.RuntimeOptions): DeleteNatFirewallControlPolicyBatchResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.aclUuidList)) {
    query['AclUuidList'] = request.aclUuidList;
  }
  if (!Util.isUnset(request.direction)) {
    query['Direction'] = request.direction;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.natGatewayId)) {
    query['NatGatewayId'] = request.natGatewayId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DeleteNatFirewallControlPolicyBatch',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Deletes access control policies that are created for a NAT firewall at a time.
 *
 * @param request DeleteNatFirewallControlPolicyBatchRequest
 * @return DeleteNatFirewallControlPolicyBatchResponse
 */
async function deleteNatFirewallControlPolicyBatch(request: DeleteNatFirewallControlPolicyBatchRequest): DeleteNatFirewallControlPolicyBatchResponse {
  var runtime = new Util.RuntimeOptions{};
  return deleteNatFirewallControlPolicyBatchWithOptions(request, runtime);
}

model DeleteSecurityProxyRequest {
  lang?: string(name='Lang', description='The language of the content within the response. Valid values:

*   **zh** (default): Chinese
*   **en**: English', example='zh'),
  proxyId?: string(name='ProxyId', description='The ID of the NAT firewall.

This parameter is required.', example='proxy-nat00ab412ef93d4275a6b5'),
}

model DeleteSecurityProxyResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='7447795A-39AB-52CB-8F92-128DF4898F36'),
}

model DeleteSecurityProxyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DeleteSecurityProxyResponseBody(name='body'),
}

/**
 * @summary Deletes a NAT firewall.
 *
 * @param request DeleteSecurityProxyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DeleteSecurityProxyResponse
 */
async function deleteSecurityProxyWithOptions(request: DeleteSecurityProxyRequest, runtime: Util.RuntimeOptions): DeleteSecurityProxyResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.proxyId)) {
    query['ProxyId'] = request.proxyId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DeleteSecurityProxy',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Deletes a NAT firewall.
 *
 * @param request DeleteSecurityProxyRequest
 * @return DeleteSecurityProxyResponse
 */
async function deleteSecurityProxy(request: DeleteSecurityProxyRequest): DeleteSecurityProxyResponse {
  var runtime = new Util.RuntimeOptions{};
  return deleteSecurityProxyWithOptions(request, runtime);
}

model DeleteTrFirewallV2Request {
  firewallId?: string(name='FirewallId', description='The instance ID of the VPC firewall.', example='vfw-tr-99bc4f0fc88b4d00****'),
  lang?: string(name='Lang', description='The language of the content within the response. Valid values:

*   **zh**: Chinese (default)
*   **en**: English', example='zh'),
}

model DeleteTrFirewallV2ResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='A774E66E-B170-59FC-9AAF-3068B15E991F'),
}

model DeleteTrFirewallV2Response = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DeleteTrFirewallV2ResponseBody(name='body'),
}

/**
 * @summary Deletes a virtual private cloud (VPC) firewall that is created for a transit router.
 *
 * @param request DeleteTrFirewallV2Request
 * @param runtime runtime options for this request RuntimeOptions
 * @return DeleteTrFirewallV2Response
 */
async function deleteTrFirewallV2WithOptions(request: DeleteTrFirewallV2Request, runtime: Util.RuntimeOptions): DeleteTrFirewallV2Response {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.firewallId)) {
    query['FirewallId'] = request.firewallId;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DeleteTrFirewallV2',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Deletes a virtual private cloud (VPC) firewall that is created for a transit router.
 *
 * @param request DeleteTrFirewallV2Request
 * @return DeleteTrFirewallV2Response
 */
async function deleteTrFirewallV2(request: DeleteTrFirewallV2Request): DeleteTrFirewallV2Response {
  var runtime = new Util.RuntimeOptions{};
  return deleteTrFirewallV2WithOptions(request, runtime);
}

model DeleteVpcFirewallCenConfigureRequest {
  lang?: string(name='Lang', description='The language of the content within the request and response. Valid values:

*   **zh**: Chinese (default)
*   **en**: English', example='zh'),
  memberUid?: string(name='MemberUid', description='The UID of the member that is managed by your Alibaba Cloud account.', example='258039427902****'),
  vpcFirewallIdList?: [ string ](name='VpcFirewallIdList', description='The instance IDs of VPC firewalls.

This parameter is required.'),
}

model DeleteVpcFirewallCenConfigureResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='850A84D6-0DE4-4797-A1E8-00090125k6j3'),
}

model DeleteVpcFirewallCenConfigureResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DeleteVpcFirewallCenConfigureResponseBody(name='body'),
}

/**
 * @summary Deletes a virtual private cloud (VPC) firewall. The VPC firewall protects mutual access traffic between a VPC and a specified network instance that is attached to a Cloud Enterprise Network (CEN) instance.
 *
 * @description You can call the DeleteVpcFirewallCenConfigure operation to delete a VPC firewall. The VPC firewall protects mutual access traffic between a VPC and a specified network instance that is attached to a CEN instance. The network instance can be a VPC, a virtual border router (VBR), or a Cloud Connect Network (CCN) instance. Before you call this operation, make sure that you have created a VPC firewall by calling the [CreateVpcFirewallCenConfigure](https://help.aliyun.com/document_detail/345772.html) operation.
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request DeleteVpcFirewallCenConfigureRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DeleteVpcFirewallCenConfigureResponse
 */
async function deleteVpcFirewallCenConfigureWithOptions(request: DeleteVpcFirewallCenConfigureRequest, runtime: Util.RuntimeOptions): DeleteVpcFirewallCenConfigureResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.memberUid)) {
    query['MemberUid'] = request.memberUid;
  }
  if (!Util.isUnset(request.vpcFirewallIdList)) {
    query['VpcFirewallIdList'] = request.vpcFirewallIdList;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DeleteVpcFirewallCenConfigure',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Deletes a virtual private cloud (VPC) firewall. The VPC firewall protects mutual access traffic between a VPC and a specified network instance that is attached to a Cloud Enterprise Network (CEN) instance.
 *
 * @description You can call the DeleteVpcFirewallCenConfigure operation to delete a VPC firewall. The VPC firewall protects mutual access traffic between a VPC and a specified network instance that is attached to a CEN instance. The network instance can be a VPC, a virtual border router (VBR), or a Cloud Connect Network (CCN) instance. Before you call this operation, make sure that you have created a VPC firewall by calling the [CreateVpcFirewallCenConfigure](https://help.aliyun.com/document_detail/345772.html) operation.
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request DeleteVpcFirewallCenConfigureRequest
 * @return DeleteVpcFirewallCenConfigureResponse
 */
async function deleteVpcFirewallCenConfigure(request: DeleteVpcFirewallCenConfigureRequest): DeleteVpcFirewallCenConfigureResponse {
  var runtime = new Util.RuntimeOptions{};
  return deleteVpcFirewallCenConfigureWithOptions(request, runtime);
}

model DeleteVpcFirewallConfigureRequest {
  lang?: string(name='Lang', description='The language of the content within the request and response. Valid values:

*   **zh**: Chinese (default)
*   **en**: English', example='zh'),
  memberUid?: string(name='MemberUid', description='The UID of the member that is managed by your Alibaba Cloud account.', example='258039427902****'),
  vpcFirewallIdList?: [ string ](name='VpcFirewallIdList', description='The instance IDs of VPC firewalls.

This parameter is required.'),
}

model DeleteVpcFirewallConfigureResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='850A84D6-0DE4-4797-A1E8-00090125k6j3'),
}

model DeleteVpcFirewallConfigureResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DeleteVpcFirewallConfigureResponseBody(name='body'),
}

/**
 * @summary Deletes a virtual private cloud (VPC) firewall that controls traffic between two VPCs. The VPCs are connected by using an Express Connect circuit.
 *
 * @description You can call the DeleteVpcFirewallConfigure operation to delete a VPC firewall. The VPC firewall controls traffic between two VPCs that are connected by using an Express Connect circuit. Before you call the operation, make sure that you created a VPC firewall by calling the [CreateVpcFirewallConfigure](https://help.aliyun.com/document_detail/342893.html) operation.
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request DeleteVpcFirewallConfigureRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DeleteVpcFirewallConfigureResponse
 */
async function deleteVpcFirewallConfigureWithOptions(request: DeleteVpcFirewallConfigureRequest, runtime: Util.RuntimeOptions): DeleteVpcFirewallConfigureResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.memberUid)) {
    query['MemberUid'] = request.memberUid;
  }
  if (!Util.isUnset(request.vpcFirewallIdList)) {
    query['VpcFirewallIdList'] = request.vpcFirewallIdList;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DeleteVpcFirewallConfigure',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Deletes a virtual private cloud (VPC) firewall that controls traffic between two VPCs. The VPCs are connected by using an Express Connect circuit.
 *
 * @description You can call the DeleteVpcFirewallConfigure operation to delete a VPC firewall. The VPC firewall controls traffic between two VPCs that are connected by using an Express Connect circuit. Before you call the operation, make sure that you created a VPC firewall by calling the [CreateVpcFirewallConfigure](https://help.aliyun.com/document_detail/342893.html) operation.
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request DeleteVpcFirewallConfigureRequest
 * @return DeleteVpcFirewallConfigureResponse
 */
async function deleteVpcFirewallConfigure(request: DeleteVpcFirewallConfigureRequest): DeleteVpcFirewallConfigureResponse {
  var runtime = new Util.RuntimeOptions{};
  return deleteVpcFirewallConfigureWithOptions(request, runtime);
}

model DeleteVpcFirewallControlPolicyRequest {
  aclUuid?: string(name='AclUuid', description='The ID of the access control policy. 

To delete an access control policy, you must provide the ID of the policy. You can call the **DescribeVpcFirewallControlPolicy** operation to query the ID.

This parameter is required.', example='00281255-d220-4db1-8f4f-c4df2214****'),
  lang?: string(name='Lang', description='The natural language of the request and response. Valid values: 

- **zh**: Chinese
- **en**: English', example='zh'),
  vpcFirewallId?: string(name='VpcFirewallId', description='The ID of the group to which the access control policy belongs. You can call the **DescribeVpcFirewallAclGroupList** operation to query the ID.  

Valid values:

- If the VPC firewall is used to protect a CEN instance, the value of this parameter is the ID of the CEN instance.  

Example: cen-ervw0g12b5jbw****
- If the VPC firewall is used to protect an Express Connect circuit, the value of this parameter is the ID of the VPC firewall.  

Example: vfw-a42bbb7b887148c9****

This parameter is required.', example='vfw-a42bbb7b887148c91****'),
}

model DeleteVpcFirewallControlPolicyResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='CBF1E9B7-D6A0-4E9E-AD3E-2B47E6C2837D'),
}

model DeleteVpcFirewallControlPolicyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DeleteVpcFirewallControlPolicyResponseBody(name='body'),
}

/**
 * @summary Deletes an access control policy from a specific policy group for a virtual private cloud (VPC) firewall.
 *
 * @description You can call the DeleteVpcFirewallControlPolicy operation to delete an access control policy from a specific policy group for a VPC firewall. Different access control policies are used for the VPC firewall that is used to protect each Cloud Enterprise Network (CEN) instance and the VPC firewall that is used to protect each Express Connect circuit. 
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request DeleteVpcFirewallControlPolicyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DeleteVpcFirewallControlPolicyResponse
 */
async function deleteVpcFirewallControlPolicyWithOptions(request: DeleteVpcFirewallControlPolicyRequest, runtime: Util.RuntimeOptions): DeleteVpcFirewallControlPolicyResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.aclUuid)) {
    query['AclUuid'] = request.aclUuid;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.vpcFirewallId)) {
    query['VpcFirewallId'] = request.vpcFirewallId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DeleteVpcFirewallControlPolicy',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Deletes an access control policy from a specific policy group for a virtual private cloud (VPC) firewall.
 *
 * @description You can call the DeleteVpcFirewallControlPolicy operation to delete an access control policy from a specific policy group for a VPC firewall. Different access control policies are used for the VPC firewall that is used to protect each Cloud Enterprise Network (CEN) instance and the VPC firewall that is used to protect each Express Connect circuit. 
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request DeleteVpcFirewallControlPolicyRequest
 * @return DeleteVpcFirewallControlPolicyResponse
 */
async function deleteVpcFirewallControlPolicy(request: DeleteVpcFirewallControlPolicyRequest): DeleteVpcFirewallControlPolicyResponse {
  var runtime = new Util.RuntimeOptions{};
  return deleteVpcFirewallControlPolicyWithOptions(request, runtime);
}

model DescribeACLProtectTrendRequest {
  endTime?: string(name='EndTime', description='The end of the time range to query. The value is a UNIX timestamp that is accurate to seconds.', example='1670397599'),
  lang?: string(name='Lang', description='The language of the content within the request and the response. Valid values:

*   **zh** (default): Chinese
*   **en**: English', example='zh'),
  sourceIp?: string(name='SourceIp', description='This parameter is deprecated.', example='223.95.87.130'),
  startTime?: string(name='StartTime', description='The beginning of the time range to query. The value is a UNIX timestamp that is accurate to seconds.', example='1677050306'),
}

model DescribeACLProtectTrendResponseBody = {
  inProtectCnt?: long(name='InProtectCnt', description='The number of internal requests that are blocked by the ACL feature.', example='100'),
  interVPCProtectCnt?: long(name='InterVPCProtectCnt', description='This parameter is deprecated.', example='0'),
  interval?: int32(name='Interval', description='The interval for returning data. Unit: seconds.', example='86400'),
  outProtectCnt?: long(name='OutProtectCnt', description='The number of external requests that are blocked by the ACL feature.', example='200'),
  requestId?: string(name='RequestId', description='The request ID.', example='9063AB86-6FFA-5B2D-A16D-697C966DECA3'),
  totalProtectCnt?: long(name='TotalProtectCnt', description='The total number of requests that are blocked by the ACL feature.', example='300'),
  trendList?: [ 
    {
      protectCnt?: int32(name='ProtectCnt', description='The number of requests that are blocked by ACL on the current day.', example='100'),
      time?: long(name='Time', description='The UNIX timestamp at midnight (00:00:00) of each day, which indicates the date of the current day. Unit: seconds.', example='1697299200'),
    }
  ](name='TrendList', description='The statistics on the requests that are blocked by the ACL feature.'),
}

model DescribeACLProtectTrendResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DescribeACLProtectTrendResponseBody(name='body'),
}

/**
 * @summary Queries the statistics on the requests that are blocked by the access control list (ACL) feature.
 *
 * @param request DescribeACLProtectTrendRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DescribeACLProtectTrendResponse
 */
async function describeACLProtectTrendWithOptions(request: DescribeACLProtectTrendRequest, runtime: Util.RuntimeOptions): DescribeACLProtectTrendResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.endTime)) {
    query['EndTime'] = request.endTime;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.sourceIp)) {
    query['SourceIp'] = request.sourceIp;
  }
  if (!Util.isUnset(request.startTime)) {
    query['StartTime'] = request.startTime;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DescribeACLProtectTrend',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries the statistics on the requests that are blocked by the access control list (ACL) feature.
 *
 * @param request DescribeACLProtectTrendRequest
 * @return DescribeACLProtectTrendResponse
 */
async function describeACLProtectTrend(request: DescribeACLProtectTrendRequest): DescribeACLProtectTrendResponse {
  var runtime = new Util.RuntimeOptions{};
  return describeACLProtectTrendWithOptions(request, runtime);
}

model DescribeAddressBookRequest {
  containPort?: string(name='ContainPort', description='The port that is included in the address book. This parameter takes effect only when the **GroupType** parameter is set to **port**.', example='80'),
  currentPage?: string(name='CurrentPage', description='The page number.

Pages start from page 1. Default value: 1.', example='1'),
  groupType?: string(name='GroupType', description='The type of the address book. Valid values:

*   **ip**: IP address book
*   **domain**: domain address book
*   **port**: port address book
*   **tag**: Elastic Compute Service (ECS) tag-based address book
*   **allCloud**: cloud service address book
*   **threat**: threat intelligence address book
*   **ipv6**: IPv6 address book
>  If you do not specify a type, the domain address books and ECS tag-based address books are queried.', example='ip'),
  lang?: string(name='Lang', description='The language of the content within the request. Valid values:

*   **zh** (default): Chinese
*   **en**: English', example='zh'),
  pageSize?: string(name='PageSize', description='The number of entries per page.

Default value: 10. Maximum value: 50.', example='10'),
  query?: string(name='Query', description='The query condition that is used to search for the address book.', example='192.0.XX.XX'),
}

model DescribeAddressBookResponseBody = {
  acls?: [ 
    {
      addressList?: [ string ](name='AddressList', description='The addresses in the address book.'),
      addressListCount?: int32(name='AddressListCount', description='The number of addresses in the address book.', example='2'),
      addresses?: [ 
        {
          address?: string(name='Address', description='Address information in the address book.', example='192.168.0.1/32'),
          note?: string(name='Note', description='Single address description.', example='description'),
        }
      ](name='Addresses', description='A list of addresses in the address book, each with a single address description.'),
      autoAddTagEcs?: int32(name='AutoAddTagEcs', description='Indicates whether the public IP addresses of ECS instances are automatically added to the address book if the instances match the specified tags. The setting takes effect on both newly purchased ECS instances whose tag settings are complete and ECS instances whose tag settings are modified. Valid values:

*   **1**: yes
*   **0**: no', example='1'),
      description?: string(name='Description', description='The description of the address book.', example='my address book'),
      groupName?: string(name='GroupName', description='The name of the address book.', example='demo_address_book'),
      groupType?: string(name='GroupType', description='The type of the address book. Valid values:

*   **ip**: IP address book
*   **domain**: domain address book
*   **port**: port address book
*   **tag**: ECS tag-based address book
*   **allCloud**: cloud service address book
*   **threat**: threat intelligence address book', example='ip'),
      groupUuid?: string(name='GroupUuid', description='The UUID of the address book.', example='f04ac7ce-628b-4cb7-be61-310222b7****'),
      referenceCount?: int32(name='ReferenceCount', description='The number of times that the address book is referenced.', example='3'),
      tagList?: [ 
        {
          tagKey?: string(name='TagKey', description='The key of the ECS tag.', example='company'),
          tagValue?: string(name='TagValue', description='The value of the ECS tag.', example='admin'),
        }
      ](name='TagList', description='The details about the ECS tags that can be automatically added to the address book.'),
      tagRelation?: string(name='TagRelation', description='The logical relationship among ECS tags. Valid values:

*   **and**: Only the public IP addresses of ECS instances that match all the specified tags can be added to the address book.
*   **or**: The public IP addresses of ECS instances that match any of the specified tags can be added to the address book.', example='and'),
    }
  ](name='Acls', description='The information about the address book.'),
  pageNo?: string(name='PageNo', description='The page number.', example='1'),
  pageSize?: string(name='PageSize', description='The number of entries per page.', example='10'),
  requestId?: string(name='RequestId', description='The request ID.', example='B36F150A-1E27-43AA-B72C-D2AC712F09DA'),
  totalCount?: string(name='TotalCount', description='The total number of the returned address books.', example='100'),
}

model DescribeAddressBookResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DescribeAddressBookResponseBody(name='body'),
}

/**
 * @summary Queries the details about an address book for an access control policy.
 *
 * @description You can call this operation to query the details about an address book for an access control policy.
 * ## [](#qps)Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request DescribeAddressBookRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DescribeAddressBookResponse
 */
async function describeAddressBookWithOptions(request: DescribeAddressBookRequest, runtime: Util.RuntimeOptions): DescribeAddressBookResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.containPort)) {
    query['ContainPort'] = request.containPort;
  }
  if (!Util.isUnset(request.currentPage)) {
    query['CurrentPage'] = request.currentPage;
  }
  if (!Util.isUnset(request.groupType)) {
    query['GroupType'] = request.groupType;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.query)) {
    query['Query'] = request.query;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DescribeAddressBook',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries the details about an address book for an access control policy.
 *
 * @description You can call this operation to query the details about an address book for an access control policy.
 * ## [](#qps)Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request DescribeAddressBookRequest
 * @return DescribeAddressBookResponse
 */
async function describeAddressBook(request: DescribeAddressBookRequest): DescribeAddressBookResponse {
  var runtime = new Util.RuntimeOptions{};
  return describeAddressBookWithOptions(request, runtime);
}

model DescribeAssetListRequest {
  currentPage?: string(name='CurrentPage', description='The page number. Valid values: 1 to 50.

This parameter is required.', example='1'),
  ipVersion?: string(name='IpVersion', description='The IP version of the asset that is protected by Cloud Firewall. Valid values:

*   **4**: IPv4 (default)
*   **6**: IPv6', example='4'),
  lang?: string(name='Lang', description='The language of the content within the response. Valid values:

*   **zh**: Chinese (default)
*   **en**: English', example='zh'),
  memberUid?: long(name='MemberUid', description='The UID of the member that is added to Cloud Firewall.', example='258039427902****'),
  newResourceTag?: string(name='NewResourceTag', description='The time when the asset was added. Valid values:

*   **discovered in 1 hour**: within one hour.
*   **discovered in 1 day**: within one day.
*   **discovered in 7 days**: within seven days.', example='discovered in 1 hour'),
  outStatistic?: string(name='OutStatistic', description='Whether to query external traffic information.', example='true'),
  pageSize?: string(name='PageSize', description='The number of entries per page. Valid values: 1 to 50.

This parameter is required.', example='10'),
  regionNo?: string(name='RegionNo', description='The region ID of your Cloud Firewall.

> For more information about the regions, see [Supported regions](https://help.aliyun.com/document_detail/195657.html).', example='cn-hangzhou'),
  resourceType?: string(name='ResourceType', description='The type of the asset. Valid values:

*   **BastionHostEgressIP**: the egress IP address of a bastion host
*   **BastionHostIngressIP**: the ingress IP address of a bastion host
*   **EcsEIP**: the elastic IP address (EIP) of an Elastic Compute Service (ECS) instance
*   **EcsPublicIP**: the public IP address of an ECS instance
*   **EIP**: the EIP
*   **EniEIP**: the EIP of an elastic network interface (ENI)
*   **NatEIP**: the EIP of a NAT gateway
*   **SlbEIP**: the EIP of a Server Load Balancer (SLB) instance or a Classic Load Balancer (CLB) instance
*   **SlbPublicIP**: the public IP address of an SLB instance or a CLB instance
*   **NatPublicIP**: the public IP address of a NAT gateway
*   **HAVIP**: the high-availability virtual IP address (HAVIP)', example='EIP'),
  searchItem?: string(name='SearchItem', description='The instance ID or IP address of the asset.', example='192.0.XX.XX'),
  sensitiveStatus?: string(name='SensitiveStatus', description='Data leakage detection activation status.', example='open'),
  sgStatus?: string(name='SgStatus', description='The status of the security group policy. Valid values:

*   **pass**: delivered
*   **block**: undelivered
*   **unsupport**: unsupported

> If you do not specify this parameter, the assets on which security group policies in all states take effect are queried.', example='pass'),
  status?: string(name='Status', description='The status of the firewall. Valid values:

*   **open**: The firewall is enabled.
*   **opening**: The firewall is being enabled.
*   **closed**: The firewall is disabled.
*   **closing**: The firewall is being disabled.

> If you do not specify this parameter, the assets that are configured for firewalls in all states are queried.', example='open'),
  type?: string(name='Type', description='This parameter is deprecated.', example='eip'),
  userType?: string(name='UserType', description='The edition of Cloud Firewall. Valid values:

*   **buy**: a paid edition (default)
*   **free**: Free Edition', example='buy'),
}

model DescribeAssetListResponseBody = {
  assets?: [ 
    {
      aliUid?: long(name='AliUid', description='The UID of the Alibaba Cloud account.

>  The value of this parameter indicates the management account to which the member is added.', example='158039427902****'),
      bindInstanceId?: string(name='BindInstanceId', description='The ID of the cloud resource with which the asset is associated.', example='i-8vbdrjrxzt78****'),
      bindInstanceName?: string(name='BindInstanceName', description='The instance name of the asset.', example='instance01'),
      createTimeStamp?: string(name='CreateTimeStamp', description='The timestamp when the asset is added to Cloud Firewall.', example='2023-02-28 10:29:58'),
      internetAddress?: string(name='InternetAddress', description='The public IP address of the server.', example='192.0.XX.XX'),
      intranetAddress?: string(name='IntranetAddress', description='The internal IP address of the server.', example='192.168.XX.XX'),
      ipVersion?: int32(name='IpVersion', description='The IP version of the asset that is protected by Cloud Firewall.

Valid values:

*   **4**: IPv4
*   **6**: IPv6', example='4'),
      last7DayOutTrafficBytes?: long(name='Last7DayOutTrafficBytes', description='Outbound traffic in the last 7 days.', example='0'),
      memberUid?: long(name='MemberUid', description='The UID of the member.', example='258039427902****'),
      name?: string(name='Name', description='The instance name of the asset that is protected by Cloud Firewall.', example='instance01'),
      newResourceTag?: string(name='NewResourceTag', description='The time when the asset was added. Valid values:

*   **discovered in 1 hour**: within one hour.
*   **discovered in 1 day**: within one day.
*   **discovered in 7 days**: within seven days.', example='discovered in 1 hour'),
      note?: string(name='Note', description='The remarks of the asset. Valid values:

*   **REGION_NOT_SUPPORT**: The region is not supported.
*   **NETWORK_NOT_SUPPORT**: The network is not supported.', example='REGION_NOT_SUPPORT'),
      protectStatus?: string(name='ProtectStatus', description='The status of the firewall. Valid values:

*   **open**: enabled.
*   **opening**: being enabled.
*   **closed**: disabled.
*   **closing**: being disabled.', example='open'),
      regionID?: string(name='RegionID', description='The ID of the region in which the asset resides.', example='cn-hangzhou'),
      regionStatus?: string(name='RegionStatus', description='Indicates whether the firewall is supported in the region in which the asset resides. Valid values:

*   **enable**: yes
*   **disable**: no', example='enable'),
      resourceInstanceId?: string(name='ResourceInstanceId', description='The instance ID of the asset.', example='i-8vbdrjrxzt78****'),
      resourceType?: string(name='ResourceType', description='The type of the asset. Valid values:

*   **BastionHostEgressIP**: the egress IP address of a bastion host
*   **BastionHostIngressIP**: the ingress IP address of a bastion host
*   **EcsEIP**: the elastic IP address (EIP) of an Elastic Compute Service (ECS) instance
*   **EcsPublicIP**: the public IP address of an ECS instance
*   **EIP**: the EIP
*   **EniEIP**: the EIP of an elastic network interface (ENI)
*   **NatEIP**: the EIP of a NAT gateway
*   **SlbEIP**: the EIP of a Server Load Balancer (SLB) instance
*   **SlbPublicIP**: the public IP address of an SLB instance
*   **NatPublicIP**: the public IP address of a NAT gateway
*   **HAVIP**: the high-availability virtual IP address (HAVIP)', example='EIP'),
      riskLevel?: string(name='RiskLevel', description='The risk level of the asset. Valid values:

*   **low**: low
*   **middle**: medium
*   **hight**: high

>  The value of this parameter is returned only when the UserType parameter is set to free.', example='low'),
      sensitiveDataStatus?: string(name='SensitiveDataStatus', description='Data leakage detection enabled status.', example='open'),
      sgStatus?: string(name='SgStatus', description='The status of the security group policy. Valid values:

*   **pass**: applied
*   **block**: not applied
*   **unsupport**: unsupported', example='block'),
      sgStatusTime?: long(name='SgStatusTime', description='The time when the status of the security group was last checked. The value is a UNIX timestamp. Unit: seconds.', example='1615082937'),
      syncStatus?: string(name='SyncStatus', description='Indicates whether traffic redirection is supported for the asset. Valid values:

*   **enable**: yes
*   **disable**: no', example='enable'),
      type?: string(name='Type', description='This parameter is deprecated.', example='eip'),
    }
  ](name='Assets', description='The assets that are protected by Cloud Firewall.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='CBF1E9B7-D6A0-4E9E-AD3E-2B47E6C2837D'),
  totalCount?: int32(name='TotalCount', description='The total number of the assets that are protected by Cloud Firewall.', example='12'),
}

model DescribeAssetListResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DescribeAssetListResponseBody(name='body'),
}

/**
 * @summary Queries the assets that are protected by Cloud Firewall.
 *
 * @description You can call the DescribeAssetList operation to query the assets that are protected by Cloud Firewall.
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request DescribeAssetListRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DescribeAssetListResponse
 */
async function describeAssetListWithOptions(request: DescribeAssetListRequest, runtime: Util.RuntimeOptions): DescribeAssetListResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.currentPage)) {
    query['CurrentPage'] = request.currentPage;
  }
  if (!Util.isUnset(request.ipVersion)) {
    query['IpVersion'] = request.ipVersion;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.memberUid)) {
    query['MemberUid'] = request.memberUid;
  }
  if (!Util.isUnset(request.newResourceTag)) {
    query['NewResourceTag'] = request.newResourceTag;
  }
  if (!Util.isUnset(request.outStatistic)) {
    query['OutStatistic'] = request.outStatistic;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.regionNo)) {
    query['RegionNo'] = request.regionNo;
  }
  if (!Util.isUnset(request.resourceType)) {
    query['ResourceType'] = request.resourceType;
  }
  if (!Util.isUnset(request.searchItem)) {
    query['SearchItem'] = request.searchItem;
  }
  if (!Util.isUnset(request.sensitiveStatus)) {
    query['SensitiveStatus'] = request.sensitiveStatus;
  }
  if (!Util.isUnset(request.sgStatus)) {
    query['SgStatus'] = request.sgStatus;
  }
  if (!Util.isUnset(request.status)) {
    query['Status'] = request.status;
  }
  if (!Util.isUnset(request.type)) {
    query['Type'] = request.type;
  }
  if (!Util.isUnset(request.userType)) {
    query['UserType'] = request.userType;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DescribeAssetList',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries the assets that are protected by Cloud Firewall.
 *
 * @description You can call the DescribeAssetList operation to query the assets that are protected by Cloud Firewall.
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request DescribeAssetListRequest
 * @return DescribeAssetListResponse
 */
async function describeAssetList(request: DescribeAssetListRequest): DescribeAssetListResponse {
  var runtime = new Util.RuntimeOptions{};
  return describeAssetListWithOptions(request, runtime);
}

model DescribeAssetRiskListRequest {
  ipAddrList?: [ string ](name='IpAddrList', description='The IP addresses to query. Separate the IP addresses with commas (,). You can specify up to 20 IP addresses at a time.

> 

*   Example IPv4 address: 47.97.XX.XX.

*   Example IPv6 address: 2001:db8:ffff:ffff:ffff:XXXX:ffff.'),
  ipVersion?: int32(name='IpVersion', description='The IP version of the asset that is protected by Cloud Firewall.

Valid values:

*   **4** (default): IPv4
*   **6**: IPv6

This parameter is required.', example='4'),
  lang?: string(name='Lang', description='The language of the content within the response. Valid values:

*   **zh** (default): Chinese
*   **en**: English', example='zh'),
  sourceIp?: string(name='SourceIp', description='The source IP address of the request.', example='47.100.XX.XX'),
}

model DescribeAssetRiskListResponseBody = {
  assetList?: [ 
    {
      ip?: string(name='Ip', description='The IP address of the server.', example='39.108.XX.XX'),
      ipVersion?: long(name='IpVersion', description='The IP version of the asset that is protected by Cloud Firewall.

Valid values:

*   **4**: IPv4
*   **6**: IPv6', example='4'),
      reason?: string(name='Reason', description='The reason for the risk.', example='other'),
      riskLevel?: string(name='RiskLevel', description='The risk level. Valid values:

*   **low**
*   **middle**
*   **high**', example='low'),
    }
  ](name='AssetList', description='The details of the assets.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='443C5781-1C03-5FCD-8EC5-FB9C0B9AC396'),
  totalCount?: long(name='TotalCount', description='The total number of entries returned.', example='12'),
}

model DescribeAssetRiskListResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DescribeAssetRiskListResponseBody(name='body'),
}

/**
 * @summary Queries the risk levels of assets.
 *
 * @param request DescribeAssetRiskListRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DescribeAssetRiskListResponse
 */
async function describeAssetRiskListWithOptions(request: DescribeAssetRiskListRequest, runtime: Util.RuntimeOptions): DescribeAssetRiskListResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.ipAddrList)) {
    query['IpAddrList'] = request.ipAddrList;
  }
  if (!Util.isUnset(request.ipVersion)) {
    query['IpVersion'] = request.ipVersion;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.sourceIp)) {
    query['SourceIp'] = request.sourceIp;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DescribeAssetRiskList',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries the risk levels of assets.
 *
 * @param request DescribeAssetRiskListRequest
 * @return DescribeAssetRiskListResponse
 */
async function describeAssetRiskList(request: DescribeAssetRiskListRequest): DescribeAssetRiskListResponse {
  var runtime = new Util.RuntimeOptions{};
  return describeAssetRiskListWithOptions(request, runtime);
}

model DescribeAssetStatisticRequest {
  lang?: string(name='Lang', description='The language of the content within the request. Valid values:

*   **zh** (default): Chinese
*   **en**: English', example='zh'),
  sourceIp?: string(name='SourceIp', description='The source IP address of the request.', example='112.239.XX.XX'),
}

model DescribeAssetStatisticResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='850A84******25g4d2'),
  resourceSpecStatistic?: {
    ipNumSpec?: int32(name='IpNumSpec', description='The number of public IP addresses that can be protected.', example='20'),
    ipNumUsed?: int32(name='IpNumUsed', description='The number of public IP addresses that are protected.', example='10'),
    sensitiveDataIpNumSpec?: long(name='SensitiveDataIpNumSpec', description='The number of public IP addresses that can enable data leakage detection.', example='0'),
    sensitiveDataIpNumUsed?: long(name='SensitiveDataIpNumUsed', description='The number of public IP addresses that enabled data leakage detection.', example='0'),
  }(name='ResourceSpecStatistic', description='The statistics on specifications.'),
}

model DescribeAssetStatisticResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DescribeAssetStatisticResponseBody(name='body'),
}

/**
 * @summary Queries statistics on the assets that are protected by Cloud Firewall.
 *
 * @param request DescribeAssetStatisticRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DescribeAssetStatisticResponse
 */
async function describeAssetStatisticWithOptions(request: DescribeAssetStatisticRequest, runtime: Util.RuntimeOptions): DescribeAssetStatisticResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.sourceIp)) {
    query['SourceIp'] = request.sourceIp;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DescribeAssetStatistic',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries statistics on the assets that are protected by Cloud Firewall.
 *
 * @param request DescribeAssetStatisticRequest
 * @return DescribeAssetStatisticResponse
 */
async function describeAssetStatistic(request: DescribeAssetStatisticRequest): DescribeAssetStatisticResponse {
  var runtime = new Util.RuntimeOptions{};
  return describeAssetStatisticWithOptions(request, runtime);
}

model DescribeCfwRiskLevelSummaryRequest {
  instanceType?: string(name='InstanceType', description='The instance type.', example='EcsEIP'),
  lang?: string(name='Lang', description='The language of the content within the response.

Valid values:

*   **zh** (default): Chinese
*   **en**: English', example='zh'),
  regionId?: string(name='RegionId', description='The region ID of your Cloud Firewall.

>  For more information about Cloud Firewall supported regions, see [Supported regions](https://help.aliyun.com/document_detail/195657.html).', example='cn-shanghai'),
}

model DescribeCfwRiskLevelSummaryResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='F1F30435-FA0A-52DA-A5DE-C16FD6C171DA'),
  riskList?: [ 
    {
      level?: string(name='Level', description='The risk levels. Valid values:

*   **medium**', example='medium'),
      num?: string(name='Num', description='The number of at-risk Elastic Compute Service (ECS) instances.', example='50'),
      type?: string(name='Type', description='The type.', example='ResourceNotProtected'),
    }
  ](name='RiskList', description='The list of risks.'),
}

model DescribeCfwRiskLevelSummaryResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DescribeCfwRiskLevelSummaryResponseBody(name='body'),
}

/**
 * @summary Queries the firewall risk level.
 *
 * @param request DescribeCfwRiskLevelSummaryRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DescribeCfwRiskLevelSummaryResponse
 */
async function describeCfwRiskLevelSummaryWithOptions(request: DescribeCfwRiskLevelSummaryRequest, runtime: Util.RuntimeOptions): DescribeCfwRiskLevelSummaryResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.instanceType)) {
    query['InstanceType'] = request.instanceType;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.regionId)) {
    query['RegionId'] = request.regionId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DescribeCfwRiskLevelSummary',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries the firewall risk level.
 *
 * @param request DescribeCfwRiskLevelSummaryRequest
 * @return DescribeCfwRiskLevelSummaryResponse
 */
async function describeCfwRiskLevelSummary(request: DescribeCfwRiskLevelSummaryRequest): DescribeCfwRiskLevelSummaryResponse {
  var runtime = new Util.RuntimeOptions{};
  return describeCfwRiskLevelSummaryWithOptions(request, runtime);
}

model DescribeControlPolicyRequest {
  aclAction?: string(name='AclAction', description='The action that Cloud Firewall performs on the traffic. Valid values:

*   **accept**: allows the traffic.
*   **drop**: denies the traffic.
*   **log**: monitors the traffic.

>  If you do not specify this parameter, access control policies of all action types are queried.', example='accept'),
  aclUuid?: string(name='AclUuid', description='The unique ID of the access control policy.', example='00281255-d220-4db1-8f4f-c4df221a****'),
  currentPage?: string(name='CurrentPage', description='The number of the page to return.

Default value: 1.

This parameter is required.', example='1'),
  description?: string(name='Description', description='The description of the access control policy. Fuzzy match is supported.

>  If you do not specify this parameter, access control policies that have descriptions are queried.', example='test'),
  destination?: string(name='Destination', description='The destination address in the access control policy. Fuzzy match is supported. The value of this parameter varies based on the value of the DestinationType parameter.

*   If you set DestinationType to `net`, the value of Destination is a CIDR block. Example: 10.0.3.0/24.
*   If you set DestinationType to `domain`, the value of Destination is a domain name. Example: aliyun.
*   If you set DestinationType to `group`, the value of Destination is the name of an address book. Example: db_group.
*   If you set DestinationType to `location`, the value of Destination is the name of a location. For more information about location codes, see AddControlPolicy. Example: ["BJ11", "ZB"].

>  If you do not specify this parameter, access control policies of all destination address types are queried.', example='192.0.XX.XX'),
  direction?: string(name='Direction', description='The direction of the traffic to which the access control policies apply. Valid values:

*   **in**: inbound.
*   **out**: outbound.', example='in'),
  ipVersion?: string(name='IpVersion', description='The IP version of the address in the access control policy. Valid values:

*   **4**: IPv4 (default)
*   **6**: IPv6', example='6'),
  lang?: string(name='Lang', description='The language of the content within the response. Valid values:

*   **zh**: Chinese (default)
*   **en**: English', example='zh'),
  pageSize?: string(name='PageSize', description='The number of entries to return on each page.

This parameter is required.', example='10'),
  proto?: string(name='Proto', description='The type of the protocol in the access control policy. Valid values:

* **TCP**
* **UDP**
* **ICMP**
* **ANY**: all types of protocols

>  If you do not specify this parameter, access control policies of all protocol types are queried.', example='TCP'),
  release?: string(name='Release', description='Specifies whether the access control policy is enabled. By default, an access control policy is enabled after it is created. Valid values:

*   **true**: The access control policy is enabled.
*   **false**: The access control policy is disabled.', example='true'),
  repeatType?: string(name='RepeatType', description='The recurrence type for the access control policy to take effect. Valid values:

*   **Permanent** (default): The policy always takes effect.
*   **None**: The policy takes effect for only once.
*   **Daily**: The policy takes effect on a daily basis.
*   **Weekly**: The policy takes effect on a weekly basis.
*   **Monthly**: The policy takes effect on a monthly basis.', example='Permanent'),
  source?: string(name='Source', description='The source address in the access control policy. Fuzzy match is supported. The value of this parameter depends on the value of the SourceType parameter.

*   If SourceType is set to `net`, the value of Source must be a CIDR block. Example: 192.0.XX.XX/24.
*   If SourceType is set to `group`, the value of Source must be the name of an address book. Example: db_group. If the db_group address book does not contain addresses, all source addresses are queried.
*   If SourceType is set to `location`, the value of Source must be a location. Example: beijing.

>  If you do not specify this parameter, access control policies of all source address types are queried.', example='192.0.XX.XX'),
}

model DescribeControlPolicyResponseBody = {
  pageNo?: string(name='PageNo', description='The page number of the returned page.', example='1'),
  pageSize?: string(name='PageSize', description='The number of entries returned per page.', example='10'),
  policys?: [ 
    {
      aclAction?: string(name='AclAction', description='The action that Cloud Firewall performs on the traffic. Valid values:

*   **accept**: allows the traffic.
*   **drop**: denies the traffic.
*   **log**: monitors the traffic.', example='accept'),
      aclUuid?: string(name='AclUuid', description='The UUID of the access control policy.', example='00281255-d220-4db1-8f4f-c4df221a****'),
      applicationId?: string(name='ApplicationId', description='The application ID in the access control policy.', example='10***'),
      applicationName?: string(name='ApplicationName', description='The application type supported by the access control policy. We recommend that you specify ApplicationNameList. Valid values:

*   **FTP**
*   **HTTP**
*   **HTTPS**
*   **Memcache**
*   **MongoDB**
*   **MQTT**
*   **MySQL**
*   **RDP**
*   **Redis**
*   **SMTP**
*   **SMTPS**
*   **SSH**
*   **SSL**
*   **VNC**
*   **ANY**: all types of applications', example='HTTP'),
      applicationNameList?: [ string ](name='ApplicationNameList', description='The application names.'),
      createTime?: long(name='CreateTime', description='The time when the access control policy was created.', example='1761062400'),
      description?: string(name='Description', description='The description of the access control policy.', example='test'),
      destPort?: string(name='DestPort', description='The destination port in the access control policy.', example='80'),
      destPortGroup?: string(name='DestPortGroup', description='The name of the destination port address book in the access control policy.', example='my_port_group'),
      destPortGroupPorts?: [ string ](name='DestPortGroupPorts', description='The ports in the destination port address book.'),
      destPortType?: string(name='DestPortType', description='The type of the destination port in the access control policy. Valid values:

*   **port**: port
*   **group**: port address book', example='port'),
      destination?: string(name='Destination', description='The destination address in the access control policy. The value of this parameter varies based on the value of DestinationType.

*   If the value of **DestinationType** is **net**, the value of Destination is a CIDR block. Example: 192.0.XX.XX/24.
*   If the value of **DestinationType** is **domain**, the value of Destination is a domain name. Example: aliyuncs.com.
*   If the value of **DestinationType** is **group**, the value of Destination is the name of an address book. Example: db_group.
*   If the value of **DestinationType** is **location**, the value of Destination is the name of a location. For more information about location codes, see AddControlPolicy. Example: ["BJ11", "ZB"].', example='192.0.XX.XX/24'),
      destinationGroupCidrs?: [ string ](name='DestinationGroupCidrs', description='The CIDR blocks in the destination address book.'),
      destinationGroupType?: string(name='DestinationGroupType', description='The type of the destination address book in the access control policy. Valid values:

*   **ip**: an address book that includes one or more IP addresses
*   **tag**: an ECS tag-based address book that includes the IP addresses of the ECS instances with one or more specific tags
*   **domain**: an address book that includes one or more domain names
*   **threat**: an address book that includes one or more malicious IP addresses or domain names
*   **backsrc**: an address book that includes one or more back-to-origin addresses of Anti-DDoS Pro or Anti-DDoS Premium instances or WAF instances', example='ip'),
      destinationType?: string(name='DestinationType', description='The type of the destination address in the access control policy. Valid values:

*   **net**: CIDR block
*   **group**: address book
*   **domain**: domain name
*   **location**: location', example='net'),
      direction?: string(name='Direction', description='The direction of the traffic to which the access control policy applies. Valid values:

*   **in**: inbound traffic
*   **out**: outbound traffic', example='in'),
      dnsResult?: string(name='DnsResult', description='The DNS resolution results.', example='192.0.XX.XX,192.0.XX.XX', deprecated=true),
      dnsResultTime?: long(name='DnsResultTime', description='The time when the Domain Name System (DNS) resolution was performed. The value is a timestamp. Unit: seconds.', example='1579261141'),
      domainResolveType?: string(name='DomainResolveType', description='The domain name resolution method of the access control policy. By default, an access control policy is enabled after the policy is created. Valid values:

* **FQDN**: fully qualified domain name (FQDN)-based resolution
* **DNS**: DNS-based dynamic resolution
* **FQDN_AND_DNS**: FQDN and DNS-based dynamic resolution', example='FQDN'),
      endTime?: long(name='EndTime', description='The time when the access control policy stops taking effect. The value is a timestamp. Unit: seconds. The end time must be on the hour or on the half hour, and at least 30 minutes later than the start time.

>  If RepeatType is set to Permanent, this parameter is left empty. If RepeatType is set to None, Daily, Weekly, or Monthly, this parameter must be specified.', example='1694764800'),
      hitLastTime?: long(name='HitLastTime', description='The time when the access control policy was last hit. The value is a timestamp. Unit: seconds.', example='1579261141'),
      hitTimes?: long(name='HitTimes', description='The number of hits for the access control policy.', example='100'),
      ipVersion?: int32(name='IpVersion', description='The IP version used in the access control policy. Valid values:

*   **4**: IPv4
*   **6**: IPv6', example='6'),
      modifyTime?: long(name='ModifyTime', description='The time when the access control policy was modified.', example='1761062400'),
      order?: int32(name='Order', description='The priority of the access control policy.

The priority value starts from 1. A smaller priority value indicates a higher priority.', example='1'),
      proto?: string(name='Proto', description='The protocol type in the access control policy. Valid values:

*   **ANY**
*   **TCP**
*   **UDP**
*   **ICMP**', example='TCP'),
      release?: string(name='Release', description='The status of the access control policy. By default, an access control policy is enabled after it is created. Valid values:

*   **true**: enabled
*   **false**: disabled', example='true'),
      repeatDays?: [ long ](name='RepeatDays', description='The days of a week or of a month on which the access control policy takes effect.

*   If RepeatType is set to `Permanent`, `None`, or `Daily`, this parameter is left empty. Example: [].
*   If RepeatType is set to Weekly, this parameter must be specified. Example: [0, 6].

>  If RepeatType is set to Weekly, the fields in the value of RepeatDays cannot be repeated.

*   If RepeatType is set to `Monthly`, this parameter must be specified. Example: [1, 31].

>  If RepeatType is set to Monthly, the fields in the value of RepeatDays cannot be repeated.'),
      repeatEndTime?: string(name='RepeatEndTime', description='The point in time when the recurrence ends. Example: 23:30. The value must be on the hour or on the half hour, and at least 30 minutes later than the start time.

>  If RepeatType is set to Permanent or None, this parameter is left empty. If RepeatType is set to Daily, Weekly, or Monthly, this parameter must be specified.', example='23:30'),
      repeatStartTime?: string(name='RepeatStartTime', description='The point in time when the recurrence starts. Example: 08:00. The value must be on the hour or on the half hour, and at least 30 minutes earlier than the end time.

>  If RepeatType is set to Permanent or None, this parameter is left empty. If RepeatType is set to Daily, Weekly, or Monthly, this parameter must be specified.', example='08:00'),
      repeatType?: string(name='RepeatType', description='The recurrence type based on which the access control policy takes effect. Valid values:

*   **Permanent** (default): The policy always takes effect.
*   **None**: The policy takes effect for only once.
*   **Daily**: The policy takes effect on a daily basis.
*   **Weekly**: The policy takes effect on a weekly basis.
*   **Monthly**: The policy takes effect on a monthly basis.', example='Permanent'),
      source?: string(name='Source', description='The source address in the access control policy. Valid values:

*   If **SourceType** is set to `net`, the value of Source is a CIDR block. Example: 192.0.XX.XX/24.
*   If **SourceType** is set to `group`, the value of Source is the name of an address book. Example: db_group.
*   If **SourceType** is set to `location`, the value of Source is a location. For more information about location codes, see [AddControlPolicy](https://help.aliyun.com/document_detail/138867.html). Example: ["BJ11", "ZB"].', example='192.0.XX.XX/24'),
      sourceGroupCidrs?: [ string ](name='SourceGroupCidrs', description='The CIDR blocks in the source address book.'),
      sourceGroupType?: string(name='SourceGroupType', description='The type of the source address book in the access control policy. Valid values:

*   **ip**: an address book that includes one or more IP addresses
*   **tag**: an Elastic Compute Service (ECS) tag-based address book that includes the IP addresses of the ECS instances with one or more specific tags
*   **domain**: an address book that includes one or more domain names
*   **threat**: an address book that includes one or more malicious IP addresses or domain names
*   **backsrc**: an address book that includes one or more back-to-origin addresses of Anti-DDoS Pro or Anti-DDoS Premium instances or Web Application Firewall (WAF) instances', example='ip'),
      sourceType?: string(name='SourceType', description='The type of the source address in the access control policy. Valid values:

*   **net**: CIDR block
*   **group**: address book
*   **location**: location', example='net'),
      spreadCnt?: int32(name='SpreadCnt', description='The total quota consumed by the returned access control policies, which is the sum of the quota consumed by each policy. The quota that is consumed by an access control policy is calculated by using the following formula: Quota that is consumed by an access control policy = Number of source addresses (number of CIDR blocks or regions) × Number of destination addresses (number of CIDR blocks, regions, or domain names) × Number of port ranges × Number of applications.', example='10,000'),
      startTime?: long(name='StartTime', description='The time when the access control policy starts to take effect. The value is a timestamp. Unit: seconds. The start time must be on the hour or on the half hour, and at least 30 minutes earlier than the end time.

>  If RepeatType is set to Permanent, this parameter is left empty. If RepeatType is set to None, Daily, Weekly, or Monthly, this parameter must be specified.', example='1694761200'),
    }
  ](name='Policys', description='The information about the access control policies.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='CBF1E9B7-D6A0-4E9E-AD3E-2B47E6C2****'),
  totalCount?: string(name='TotalCount', description='The total number of the returned access control policies.', example='100'),
}

model DescribeControlPolicyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DescribeControlPolicyResponseBody(name='body'),
}

/**
 * @summary Queries the details about all access control policies.
 *
 * @description You can call the DescribeControlPolicy operation to query the details about access control policies by page.
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request DescribeControlPolicyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DescribeControlPolicyResponse
 */
async function describeControlPolicyWithOptions(request: DescribeControlPolicyRequest, runtime: Util.RuntimeOptions): DescribeControlPolicyResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.aclAction)) {
    query['AclAction'] = request.aclAction;
  }
  if (!Util.isUnset(request.aclUuid)) {
    query['AclUuid'] = request.aclUuid;
  }
  if (!Util.isUnset(request.currentPage)) {
    query['CurrentPage'] = request.currentPage;
  }
  if (!Util.isUnset(request.description)) {
    query['Description'] = request.description;
  }
  if (!Util.isUnset(request.destination)) {
    query['Destination'] = request.destination;
  }
  if (!Util.isUnset(request.direction)) {
    query['Direction'] = request.direction;
  }
  if (!Util.isUnset(request.ipVersion)) {
    query['IpVersion'] = request.ipVersion;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.proto)) {
    query['Proto'] = request.proto;
  }
  if (!Util.isUnset(request.release)) {
    query['Release'] = request.release;
  }
  if (!Util.isUnset(request.repeatType)) {
    query['RepeatType'] = request.repeatType;
  }
  if (!Util.isUnset(request.source)) {
    query['Source'] = request.source;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DescribeControlPolicy',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries the details about all access control policies.
 *
 * @description You can call the DescribeControlPolicy operation to query the details about access control policies by page.
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request DescribeControlPolicyRequest
 * @return DescribeControlPolicyResponse
 */
async function describeControlPolicy(request: DescribeControlPolicyRequest): DescribeControlPolicyResponse {
  var runtime = new Util.RuntimeOptions{};
  return describeControlPolicyWithOptions(request, runtime);
}

model DescribeDefaultIPSConfigRequest {
  lang?: string(name='Lang', description='The language of the content within the response. Valid values:

*   **zh** (default)
*   **en**', example='zh'),
}

model DescribeDefaultIPSConfigResponseBody = {
  basicRules?: int32(name='BasicRules', description='Indicates whether basic protection is enabled. Valid values:

*   **1**: yes
*   **0**: no', example='0'),
  ctiRules?: int32(name='CtiRules', description='Indicates whether threat intelligence is enabled. Valid values:

*   **1**: yes
*   **0**: no', example='0'),
  maxSdl?: long(name='MaxSdl', description='The maximum amount of traffic that can be processed by the sensitive data leak detection feature each day.', example='10'),
  patchRules?: int32(name='PatchRules', description='Indicates whether virtual patching is enabled. Valid values:

*   **1**: yes
*   **0**: no', example='0'),
  requestId?: string(name='RequestId', description='The request ID.', example='133173B9-8010-5DF5-8B93-********'),
  ruleClass?: int32(name='RuleClass', description='The level of the rule group for the IPS. Valid values:

*   **1**: loose
*   **2**: medium
*   **3**: strict', example='3'),
  runMode?: int32(name='RunMode', description='The mode of the IPS. Valid values:

*   **1**: block mode
*   **0**: monitor mode', example='0'),
}

model DescribeDefaultIPSConfigResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DescribeDefaultIPSConfigResponseBody(name='body'),
}

/**
 * @summary Queries the default intrusion prevention system (IPS) configurations.
 *
 * @param request DescribeDefaultIPSConfigRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DescribeDefaultIPSConfigResponse
 */
async function describeDefaultIPSConfigWithOptions(request: DescribeDefaultIPSConfigRequest, runtime: Util.RuntimeOptions): DescribeDefaultIPSConfigResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DescribeDefaultIPSConfig',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries the default intrusion prevention system (IPS) configurations.
 *
 * @param request DescribeDefaultIPSConfigRequest
 * @return DescribeDefaultIPSConfigResponse
 */
async function describeDefaultIPSConfig(request: DescribeDefaultIPSConfigRequest): DescribeDefaultIPSConfigResponse {
  var runtime = new Util.RuntimeOptions{};
  return describeDefaultIPSConfigWithOptions(request, runtime);
}

model DescribeDomainResolveRequest {
  domain?: string(name='Domain', description='The domain name whose DNS record you want to query.

This parameter is required.', example='www.aliyundoc.com'),
  ipVersion?: string(name='IpVersion', description='The IP version of the asset that is protected by Cloud Firewall. Valid values:

*   **4**: IPv4 (default)
*   **6**: IPv6', example='6'),
  lang?: string(name='Lang', description='The language of the content within the response.

Valid values:

*   **zh**: Chinese (default)
*   **en**: English', example='zh'),
  sourceIp?: string(name='SourceIp', description='The source IP address of the request.', example='192.0.XX.XX', deprecated=true),
}

model DescribeDomainResolveResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='CBF1E9B7-D6A0-4E9E-AD3E-2B47E6C2837D'),
  resolveResult?: {
    ipAddrs?: string(name='IpAddrs', description='The IP address to which the domain name is resolved. Multiple IP addresses are separated by commas (,).', example='11.1.X.X,12.1.X.X'),
    updateTime?: long(name='UpdateTime', description='The time when the domain name was resolved. The value of this parameter is a timestamp. Unit: seconds.', example='1579091739'),
  }(name='ResolveResult', description='The details about the DNS record of the domain name.'),
}

model DescribeDomainResolveResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DescribeDomainResolveResponseBody(name='body'),
}

/**
 * @deprecated OpenAPI DescribeDomainResolve is deprecated
 *
 * @summary Queries Domain Name System (DNS) records.
 *
 * @description You can use this operation to query the DNS record of a domain name. This operation can retrieve DNS records only from Alibaba Cloud DNS. Before you can call this operation, make sure that your domain name is hosted on Alibaba Cloud DNS.
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request DescribeDomainResolveRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DescribeDomainResolveResponse
 */
// Deprecated
async function describeDomainResolveWithOptions(request: DescribeDomainResolveRequest, runtime: Util.RuntimeOptions): DescribeDomainResolveResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.domain)) {
    query['Domain'] = request.domain;
  }
  if (!Util.isUnset(request.ipVersion)) {
    query['IpVersion'] = request.ipVersion;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.sourceIp)) {
    query['SourceIp'] = request.sourceIp;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DescribeDomainResolve',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @deprecated OpenAPI DescribeDomainResolve is deprecated
 *
 * @summary Queries Domain Name System (DNS) records.
 *
 * @description You can use this operation to query the DNS record of a domain name. This operation can retrieve DNS records only from Alibaba Cloud DNS. Before you can call this operation, make sure that your domain name is hosted on Alibaba Cloud DNS.
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request DescribeDomainResolveRequest
 * @return DescribeDomainResolveResponse
 */
// Deprecated
async function describeDomainResolve(request: DescribeDomainResolveRequest): DescribeDomainResolveResponse {
  var runtime = new Util.RuntimeOptions{};
  return describeDomainResolveWithOptions(request, runtime);
}

model DescribeDownloadTaskRequest {
  currentPage?: string(name='CurrentPage', description='The page number.', example='1'),
  lang?: string(name='Lang', description='The language of the content within the response. Valid values:

*   **zh** (default): Chinese
*   **en**: English', example='zh'),
  pageSize?: string(name='PageSize', description='The number of entries per page. Default value: 10. Maximum value: 50.', example='10'),
  taskType?: string(name='TaskType', description='The type of the task. For more information about task types, see the descriptions in the "DescribeDownloadTaskType" topic. If you do not specify this parameter, all files are queried by default.', example='InternetFirewallAsset'),
}

model DescribeDownloadTaskResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='3F2BED13-F3D0-5984-80D6-D5F298CFEA88'),
  tasks?: [ 
    {
      createTime?: long(name='CreateTime', description='The time when the task was created. The value is a UNIX timestamp. Unit: seconds.', example='1706595827'),
      expireTime?: long(name='ExpireTime', description='The time when the task expires. The value is a UNIX timestamp. Unit: seconds.', example='1714371828'),
      fileSize?: string(name='FileSize', description='The size of the file.', example='24.04KB'),
      fileURL?: string(name='FileURL', description='The URL of the OSS file.', example='https://cfw-table-download-cn.oss-cn-hangzhou.aliyuncs.com/%E4%BA%92%E8%81%94%E7%BD%91%E8%BE%B9%E7%95%8C%E9%98%B2%E7%81%AB%E5%A2%99%E8%B5%84%E4%BA%A7-IPv4_1069.csv?Expires=1708583913&OSSAccessKeyId=****&Signature=******%3D'),
      status?: string(name='Status', description='The status of the task. Valid values:

*   **finish**
*   **start**
*   **error**
*   **expire**: The task file is invalid and cannot be downloaded.', example='finish'),
      taskId?: string(name='TaskId', description='The task ID.', example='1111'),
      taskName?: string(name='TaskName', description='The name of the task.', example='Internet Boundary Firewall Assets - IPv4'),
      taskType?: string(name='TaskType', description='The type of the task.', example='InternetFirewallAsset'),
    }
  ](name='Tasks', description='The tasks.'),
  totalCount?: int32(name='TotalCount', description='The total number of tasks.', example='132'),
}

model DescribeDownloadTaskResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DescribeDownloadTaskResponseBody(name='body'),
}

/**
 * @summary Queries file download tasks, including the task information and download URLs.
 *
 * @param request DescribeDownloadTaskRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DescribeDownloadTaskResponse
 */
async function describeDownloadTaskWithOptions(request: DescribeDownloadTaskRequest, runtime: Util.RuntimeOptions): DescribeDownloadTaskResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.currentPage)) {
    query['CurrentPage'] = request.currentPage;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.taskType)) {
    query['TaskType'] = request.taskType;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DescribeDownloadTask',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries file download tasks, including the task information and download URLs.
 *
 * @param request DescribeDownloadTaskRequest
 * @return DescribeDownloadTaskResponse
 */
async function describeDownloadTask(request: DescribeDownloadTaskRequest): DescribeDownloadTaskResponse {
  var runtime = new Util.RuntimeOptions{};
  return describeDownloadTaskWithOptions(request, runtime);
}

model DescribeDownloadTaskTypeRequest {
  currentPage?: string(name='CurrentPage', description='The page number. Pages start from page 1. Default value: **1**.', example='1'),
  lang?: string(name='Lang', description='The language of the content within the response. Valid values:

*   **zh** (default): Chinese
*   **en**: English', example='zh'),
  pageSize?: string(name='PageSize', description='The number of entries per page. Default value: 10. Maximum value: 50.', example='10'),
  taskType?: string(name='TaskType', description='The type of the task.', example='InternetFirewallAsset'),
}

model DescribeDownloadTaskTypeResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='B835494C-D093-5524-BBDE-BD272077B40E'),
  taskTypeArray?: [ 
    {
      taskName?: string(name='TaskName', description='The name of the task type.', example='Internet Boundary Firewall Assets'),
      taskType?: string(name='TaskType', description='The type of the task.', example='InternetFirewallAsset'),
    }
  ](name='TaskTypeArray', description='The task types.'),
  totalCount?: int32(name='TotalCount', description='The total number of entries returned.', example='3'),
}

model DescribeDownloadTaskTypeResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DescribeDownloadTaskTypeResponseBody(name='body'),
}

/**
 * @summary Queries the types of download tasks. The type corresponds to the TaskType fields in the download task-related operations.
 *
 * @param request DescribeDownloadTaskTypeRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DescribeDownloadTaskTypeResponse
 */
async function describeDownloadTaskTypeWithOptions(request: DescribeDownloadTaskTypeRequest, runtime: Util.RuntimeOptions): DescribeDownloadTaskTypeResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.currentPage)) {
    query['CurrentPage'] = request.currentPage;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.taskType)) {
    query['TaskType'] = request.taskType;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DescribeDownloadTaskType',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries the types of download tasks. The type corresponds to the TaskType fields in the download task-related operations.
 *
 * @param request DescribeDownloadTaskTypeRequest
 * @return DescribeDownloadTaskTypeResponse
 */
async function describeDownloadTaskType(request: DescribeDownloadTaskTypeRequest): DescribeDownloadTaskTypeResponse {
  var runtime = new Util.RuntimeOptions{};
  return describeDownloadTaskTypeWithOptions(request, runtime);
}

model DescribeInstanceMembersRequest {
  currentPage?: string(name='CurrentPage', description='The page number. Default value: **1**.', example='1'),
  memberDesc?: string(name='MemberDesc', description='The remarks of the member. The remarks must be 1 to 256 characters in length.', example='renewal'),
  memberDisplayName?: string(name='MemberDisplayName', description='The name of the member.', example='cloudfirewall_2'),
  memberUid?: string(name='MemberUid', description='The UID of the member.', example='258039427902****'),
  pageSize?: string(name='PageSize', description='The number of entries per page.

Default value: **20**.', example='20'),
}

model DescribeInstanceMembersResponseBody = {
  members?: [ 
    {
      createTime?: int32(name='CreateTime', description='The time when the member was added to Cloud Firewall. The value is a timestamp. Unit: seconds.', example='1615189819'),
      memberDesc?: string(name='MemberDesc', description='The remarks of the member.', example='renewal'),
      memberDisplayName?: string(name='MemberDisplayName', description='The name of the member.', example='cloudfirewall_2'),
      memberStatus?: string(name='MemberStatus', description='The status of the member. Valid values:

*   **normal**
*   **deleting**', example='normal'),
      memberUid?: long(name='MemberUid', description='The UID of the member.', example='258039427902****'),
      modifyTime?: int32(name='ModifyTime', description='The time when the member was last modified. The value is a timestamp. Unit: seconds.', example='1615189819'),
    }
  ](name='Members', description='The information about the member.'),
  pageInfo?: {
    currentPage?: int32(name='CurrentPage', description='The page number.', example='1'),
    pageSize?: int32(name='PageSize', description='The number of entries per page.', example='20'),
    totalCount?: int32(name='TotalCount', description='The total number of the members.', example='20'),
  }(name='PageInfo', description='The pagination information.'),
  requestId?: string(name='RequestId', description='The request ID.', example='A531AE1A-FBA2-48B6-BAB8-84D02BD409EE'),
}

model DescribeInstanceMembersResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DescribeInstanceMembersResponseBody(name='body'),
}

/**
 * @summary Queries the information about members in Cloud Firewall.
 *
 * @description You can use this operation to query the information about members in Cloud Firewall.
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request DescribeInstanceMembersRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DescribeInstanceMembersResponse
 */
async function describeInstanceMembersWithOptions(request: DescribeInstanceMembersRequest, runtime: Util.RuntimeOptions): DescribeInstanceMembersResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.currentPage)) {
    query['CurrentPage'] = request.currentPage;
  }
  if (!Util.isUnset(request.memberDesc)) {
    query['MemberDesc'] = request.memberDesc;
  }
  if (!Util.isUnset(request.memberDisplayName)) {
    query['MemberDisplayName'] = request.memberDisplayName;
  }
  if (!Util.isUnset(request.memberUid)) {
    query['MemberUid'] = request.memberUid;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DescribeInstanceMembers',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries the information about members in Cloud Firewall.
 *
 * @description You can use this operation to query the information about members in Cloud Firewall.
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request DescribeInstanceMembersRequest
 * @return DescribeInstanceMembersResponse
 */
async function describeInstanceMembers(request: DescribeInstanceMembersRequest): DescribeInstanceMembersResponse {
  var runtime = new Util.RuntimeOptions{};
  return describeInstanceMembersWithOptions(request, runtime);
}

model DescribeInstanceRiskLevelsRequest {
  instances?: [ 
    {
      instanceId?: string(name='InstanceId', description='The instance ID of your Cloud Firewall.', example='vipcloudfw-cn-7mz2fj8nm0u'),
      internetIp?: [ string ](name='InternetIp', description='The public IP addresses of instances.'),
      intranetIp?: string(name='IntranetIp', description='The private IP address of the instance.', example='172.17.XX.XX'),
      uuid?: string(name='Uuid', description='The UUID of the instance.', example='181ad081-e4f2-4e3e-b925-03b67f648397'),
    }
  ](name='Instances', description='The information about the instances.'),
  lang?: string(name='Lang', description='The language of the content within the response. Valid values:

*   **zh** (default): Chinese
*   **en**: English', example='en'),
}

model DescribeInstanceRiskLevelsResponseBody = {
  instanceRisks?: [ 
    {
      details?: [ 
        {
          ip?: string(name='Ip', description='The IP addresses of servers.', example='203.107.XX.XX'),
          level?: string(name='Level', description='The risk levels. Valid values:

*   **medium**', example='medium'),
          type?: string(name='Type', description='The type.', example='ResourceNotProtected'),
        }
      ](name='Details', description='The risk levels of the Elastic Compute Service (ECS) instance.'),
      instanceId?: string(name='InstanceId', description='The instance ID of your Cloud Firewall.', example='vipcloudfw-cn-7mz2fj8nm0u'),
      level?: string(name='Level', description='The risk levels. Valid values:

*   **medium**', example='medium'),
    }
  ](name='InstanceRisks', description='The information about the instances.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='9AABB1B7-C81F-5158-9EF9-B2DD5D3DA014'),
}

model DescribeInstanceRiskLevelsResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DescribeInstanceRiskLevelsResponseBody(name='body'),
}

/**
 * @summary Queries the risk levels of instances.
 *
 * @param request DescribeInstanceRiskLevelsRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DescribeInstanceRiskLevelsResponse
 */
async function describeInstanceRiskLevelsWithOptions(request: DescribeInstanceRiskLevelsRequest, runtime: Util.RuntimeOptions): DescribeInstanceRiskLevelsResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.instances)) {
    query['Instances'] = request.instances;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DescribeInstanceRiskLevels',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries the risk levels of instances.
 *
 * @param request DescribeInstanceRiskLevelsRequest
 * @return DescribeInstanceRiskLevelsResponse
 */
async function describeInstanceRiskLevels(request: DescribeInstanceRiskLevelsRequest): DescribeInstanceRiskLevelsResponse {
  var runtime = new Util.RuntimeOptions{};
  return describeInstanceRiskLevelsWithOptions(request, runtime);
}

model DescribeInternetOpenIpRequest {
  assetsInstanceId?: string(name='AssetsInstanceId', description='The instance ID.', example='i-uf6faknmuby7ezht****'),
  assetsInstanceName?: string(name='AssetsInstanceName', description='The instance name.', example='launch-advisor-2023****'),
  assetsType?: string(name='AssetsType', description='The asset type of the instance.', example='EcsEIP'),
  currentPage?: string(name='CurrentPage', description='The page number.

This parameter is required.', example='1'),
  endTime?: string(name='EndTime', description='The end of the time range to query. The value is a UNIX timestamp. Unit: seconds.', example='1663640336'),
  lang?: string(name='Lang', description='The language of the content within the response. Valid values:

*   **zh**: Chinese (default)
*   **en**: English', example='zh'),
  pageSize?: string(name='PageSize', description='The number of entries per page.

This parameter is required.', example='10'),
  port?: string(name='Port', description='The port number.', example='80'),
  publicIp?: string(name='PublicIp', description='The public IP address of the instance.', example='203.0.113.1'),
  regionNo?: string(name='RegionNo', description='The region ID of the instance.', example='cn-shanghai'),
  riskLevel?: string(name='RiskLevel', description='The risk level. If you leave this parameter empty, all risk levels are queried. Valid values:

*   **3**: high risk
*   **2**: medium risk
*   **1**: low risk
*   **0**: no risk', example='2'),
  serviceName?: string(name='ServiceName', description='The application.', example='SSH'),
  startTime?: string(name='StartTime', description='The beginning of the time range to query. The value is a UNIX timestamp. Unit: seconds.', example='1681957629'),
}

model DescribeInternetOpenIpResponseBody = {
  dataList?: [ 
    {
      aclRecommendDetail?: string(name='AclRecommendDetail', description='The reason why recommended intelligent policies are unavailable. Valid values:

*   No recommended intelligent policies are available.
*   This feature is available only to some users.
*   The policy configuration has been modified. No recommended intelligent policies are available.
*   The recommended intelligent policies have been configured. No new recommended intelligent policies are available.', example='No recommended intelligent policies are available.'),
      assetsInstanceId?: string(name='AssetsInstanceId', description='The instance ID.', example='i-bp1ix9w22kv6aew9****'),
      assetsName?: string(name='AssetsName', description='The instance name.', example='launch-advisor-2023****'),
      assetsType?: string(name='AssetsType', description='The asset type of the instance.', example='EcsEIP'),
      detailNum?: int32(name='DetailNum', description='The total number of ports.', example='5'),
      hasAclRecommend?: boolean(name='HasAclRecommend', description='Specifies whether an access control policy is recommended. Valid values:

*   **true**
*   **false**', example='true'),
      portList?: [ string ](name='PortList', description='The list of ports.'),
      publicIp?: string(name='PublicIp', description='The public IP address of the instance.', example='203.0.113.1'),
      regionNo?: string(name='RegionNo', description='The region ID of the instance.', example='cn-shenzhen'),
      riskLevel?: int32(name='RiskLevel', description='The risk level. Valid values:

*   **3**: high risk
*   **2**: medium risk
*   **1**: low risk
*   **0**: no risk', example='3'),
      riskReason?: string(name='RiskReason', description='The reason for the risk.', example='Previous traffic is all malicious traffic.'),
      serviceNameList?: [ string ](name='ServiceNameList', description='The list of applications.'),
      srcIpCnt?: long(name='SrcIpCnt', description='Number of source IPs.', example='22'),
      totalReplyBytes?: long(name='TotalReplyBytes', description='Outbound traffic in the last 7 days.', example='100000'),
      trafficPercent1Day?: string(name='TrafficPercent1Day', description='The percentage of traffic of a day. Unit: percent (%).', example='11.1'),
      trafficPercent30Day?: string(name='TrafficPercent30Day', description='The percentage of traffic of 30 days. Unit: percent (%).', example='99.9'),
      trafficPercent7Day?: string(name='TrafficPercent7Day', description='The percentage of traffic of seven days. Unit: percent (%).', example='77.7'),
    }
  ](name='DataList', description='The data returned.'),
  pageInfo?: {
    currentPage?: int32(name='CurrentPage', description='The page number.', example='1'),
    pageSize?: int32(name='PageSize', description='The number of entries per page.', example='10'),
    totalCount?: int32(name='TotalCount', description='The total number of entries returned.', example='40'),
  }(name='PageInfo', description='The pagination information.'),
  requestId?: string(name='RequestId', description='The request ID.', example='6B780BD6-282C-51A9-A8E6-59F636BAFA54'),
}

model DescribeInternetOpenIpResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DescribeInternetOpenIpResponseBody(name='body'),
}

/**
 * @summary Queries the IP addresses that are open to the Internet.
 *
 * @param request DescribeInternetOpenIpRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DescribeInternetOpenIpResponse
 */
async function describeInternetOpenIpWithOptions(request: DescribeInternetOpenIpRequest, runtime: Util.RuntimeOptions): DescribeInternetOpenIpResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.assetsInstanceId)) {
    query['AssetsInstanceId'] = request.assetsInstanceId;
  }
  if (!Util.isUnset(request.assetsInstanceName)) {
    query['AssetsInstanceName'] = request.assetsInstanceName;
  }
  if (!Util.isUnset(request.assetsType)) {
    query['AssetsType'] = request.assetsType;
  }
  if (!Util.isUnset(request.currentPage)) {
    query['CurrentPage'] = request.currentPage;
  }
  if (!Util.isUnset(request.endTime)) {
    query['EndTime'] = request.endTime;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.port)) {
    query['Port'] = request.port;
  }
  if (!Util.isUnset(request.publicIp)) {
    query['PublicIp'] = request.publicIp;
  }
  if (!Util.isUnset(request.regionNo)) {
    query['RegionNo'] = request.regionNo;
  }
  if (!Util.isUnset(request.riskLevel)) {
    query['RiskLevel'] = request.riskLevel;
  }
  if (!Util.isUnset(request.serviceName)) {
    query['ServiceName'] = request.serviceName;
  }
  if (!Util.isUnset(request.startTime)) {
    query['StartTime'] = request.startTime;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DescribeInternetOpenIp',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries the IP addresses that are open to the Internet.
 *
 * @param request DescribeInternetOpenIpRequest
 * @return DescribeInternetOpenIpResponse
 */
async function describeInternetOpenIp(request: DescribeInternetOpenIpRequest): DescribeInternetOpenIpResponse {
  var runtime = new Util.RuntimeOptions{};
  return describeInternetOpenIpWithOptions(request, runtime);
}

model DescribeInternetTrafficTrendRequest {
  direction?: string(name='Direction', description='The direction of the internet traffic.

Valid values:

*   **in**: inbound traffic
*   **out**: outbound traffic', example='in'),
  endTime?: string(name='EndTime', description='The end of the time range to query. The value is a UNIX timestamp. Unit: seconds.

This parameter is required.', example='1674958929'),
  lang?: string(name='Lang', description='The language of the content in the request and response. Valid values:

*   **zh** (default): Chinese
*   **en**: English', example='zh'),
  sourceCode?: string(name='SourceCode', description='The source code.

This parameter is required.', example='yundun'),
  sourceIp?: string(name='SourceIp', description='The IP address of the access source.', example='101.80.171.196', deprecated=true),
  srcPrivateIP?: string(name='SrcPrivateIP', description='The private IP address of the source.', example='10.100.134.60'),
  srcPublicIP?: string(name='SrcPublicIP', description='The public IP address of the source.', example='47.112.210.136'),
  startTime?: string(name='StartTime', description='The beginning of the time range to query. The value is a UNIX timestamp. Unit: seconds.

This parameter is required.', example='1670307484'),
  trafficType?: string(name='TrafficType', description='The type of the traffic that is captured. Valid values:

*   **max** (default): peak traffic
*   **avg**: average traffic', example='max'),
}

model DescribeInternetTrafficTrendResponseBody = {
  avgInBps?: long(name='AvgInBps', description='The average inbound network throughput, which indicates the average number of bits that are sent inbound per second. Unit: bit/s.', example='6114152'),
  avgOutBps?: long(name='AvgOutBps', description='The average outbound network throughput, which indicates the average number of bits that are sent outbound per second. Unit: bit/s.', example='70148993'),
  avgSession?: long(name='AvgSession', description='The average number of requests.', example='79013'),
  avgTotalBps?: long(name='AvgTotalBps', description='The total average inbound and outbound network throughput, which indicates the average number of bits that are sent inbound and outbound per second. Unit: bit/s.', example='2306'),
  dataList?: [ 
    {
      inBps?: long(name='InBps', description='The inbound network throughput, which indicates the number of bits that are sent inbound per second. Unit: bit/s.', example='187'),
      inBytes?: long(name='InBytes', description='The inbound network throughput, which indicates the total number of bytes that are sent inbound. Unit: bytes.', example='235'),
      inPps?: long(name='InPps', description='The inbound network throughput, which indicates the number of packets that are sent inbound per second. Unit: packets per second (pps).', example='2'),
      newConn?: long(name='NewConn', description='The number of new connections.', example='27'),
      outBps?: long(name='OutBps', description='The outbound network throughput, which indicates the number of bits that are sent outbound per second. Unit: bit/s.', example='45'),
      outBytes?: long(name='OutBytes', description='The outbound network throughput, which indicates the total number of bytes that are sent outbound. Unit: bytes.', example='1123'),
      outPps?: long(name='OutPps', description='The outbound network throughput, which indicates the number of packets that are sent outbound per second. Unit: pps.', example='2'),
      sessionCount?: long(name='SessionCount', description='The number of requests.', example='27'),
      time?: int32(name='Time', description='The time when traffic is generated. The value is a UNIX timestamp. Unit: seconds.

If processing is not complete at this point in time, -1 is returned for all other fields.', example='1659405600'),
      totalBps?: long(name='TotalBps', description='The total outbound and inbound network throughput, which indicates the total number of bits that are sent inbound and outbound per second. Unit: bit/s.', example='323'),
    }
  ](name='DataList', description='The statistics on traffic.'),
  maxBandwidthTime?: long(name='MaxBandwidthTime', description='The timestamp generated when the bandwidth reaches the peak value. The value is a UNIX timestamp. Unit: seconds.', example='1672736400'),
  maxDayExceedBytes?: long(name='MaxDayExceedBytes', description='The maximum volume of excess traffic allowed per day.', example='873'),
  maxInBps?: long(name='MaxInBps', description='The maximum inbound network throughput, which indicates the maximum number of bits that are sent inbound per second. Unit: bit/s.', example='10275643'),
  maxOutBps?: long(name='MaxOutBps', description='The maximum outbound network throughput, which indicates the maximum number of bits that are sent outbound per second. Unit: bit/s.', example='395188'),
  maxSession?: long(name='MaxSession', description='The number of requests during the peak hour of the network throughout.', example='931641'),
  maxTotalBps?: long(name='MaxTotalBps', description='The total maximum inbound and outbound network throughput, which indicates the maximum number of bits that are sent inbound and outbound per second. Unit: bit/s.', example='89783147'),
  requestId?: string(name='RequestId', description='The request ID.', example='C7E837BE-0379-565E-B7B4-DE595C8D337C'),
  totalBytes?: long(name='TotalBytes', description='The total inbound and outbound network throughput, which indicates the total number of bytes that are sent inbound and outbound. Unit: bytes.', example='963227674958'),
  totalExceedBytes?: long(name='TotalExceedBytes', description='The total volume of excess traffic.', example='4243873'),
  totalInBytes?: long(name='TotalInBytes', description='The inbound network throughput, which indicates the total number of bytes that are sent inbound. Unit: bytes.', example='41536824243873'),
  totalOutBytes?: long(name='TotalOutBytes', description='The outbound network throughput, which indicates the total number of bytes that are sent outbound. Unit: bytes.', example='2660894567178'),
  totalSession?: long(name='TotalSession', description='The total number of requests.', example='1061449'),
}

model DescribeInternetTrafficTrendResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DescribeInternetTrafficTrendResponseBody(name='body'),
}

/**
 * @summary Queries the trends of Internet traffic.
 *
 * @param request DescribeInternetTrafficTrendRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DescribeInternetTrafficTrendResponse
 */
async function describeInternetTrafficTrendWithOptions(request: DescribeInternetTrafficTrendRequest, runtime: Util.RuntimeOptions): DescribeInternetTrafficTrendResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.direction)) {
    query['Direction'] = request.direction;
  }
  if (!Util.isUnset(request.endTime)) {
    query['EndTime'] = request.endTime;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.sourceCode)) {
    query['SourceCode'] = request.sourceCode;
  }
  if (!Util.isUnset(request.sourceIp)) {
    query['SourceIp'] = request.sourceIp;
  }
  if (!Util.isUnset(request.srcPrivateIP)) {
    query['SrcPrivateIP'] = request.srcPrivateIP;
  }
  if (!Util.isUnset(request.srcPublicIP)) {
    query['SrcPublicIP'] = request.srcPublicIP;
  }
  if (!Util.isUnset(request.startTime)) {
    query['StartTime'] = request.startTime;
  }
  if (!Util.isUnset(request.trafficType)) {
    query['TrafficType'] = request.trafficType;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DescribeInternetTrafficTrend',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries the trends of Internet traffic.
 *
 * @param request DescribeInternetTrafficTrendRequest
 * @return DescribeInternetTrafficTrendResponse
 */
async function describeInternetTrafficTrend(request: DescribeInternetTrafficTrendRequest): DescribeInternetTrafficTrendResponse {
  var runtime = new Util.RuntimeOptions{};
  return describeInternetTrafficTrendWithOptions(request, runtime);
}

model DescribeInvadeEventListRequest {
  assetsIP?: string(name='AssetsIP', description='The IP address of the affected asset.', example='10.0.XX.XX'),
  assetsInstanceId?: string(name='AssetsInstanceId', description='The ID of the instance.', example='ins_1321_asedb_****'),
  assetsInstanceName?: string(name='AssetsInstanceName', description='The name of the instance.', example='ECS_test'),
  currentPage?: string(name='CurrentPage', description='The number of the page to return.

Default value: 1.', example='1'),
  endTime?: string(name='EndTime', description='The end of the time range to query. The value is a UNIX timestamp. Unit: seconds. If you do not specify this parameter, the query ends at the current time.', example='1656837360'),
  eventKey?: string(name='EventKey', description='The ID of the breach awareness event.', example='69d189e2-ec17-4676-a2fe-02969234****'),
  eventName?: string(name='EventName', description='The name of the breach awareness event.', example='event_test'),
  eventUuid?: string(name='EventUuid', description='The UUID of the breach awareness event.', example='fadd-dfdd-****'),
  isIgnore?: string(name='IsIgnore', description='Specifies whether the breach awareness event is ignored. Valid values:

*   **true**: The breach awareness event is ignored.
*   **false**: The breach awareness event is not ignored.', example='true'),
  lang?: string(name='Lang', description='The language of the content within the response. Valid values:

*   **zh**: Chinese (default)
*   **en**: English', example='zh'),
  memberUid?: long(name='MemberUid', description='The ID of the member.', example='135809047715****'),
  pageSize?: string(name='PageSize', description='The number of entries to return on each page.

Default value: 6. Maximum value: 10.', example='1'),
  processStatusList?: [ int32 ](name='ProcessStatusList', description='The handling status of breach awareness events.'),
  riskLevel?: [ int32 ](name='RiskLevel', description='The risk levels.'),
  sourceIp?: string(name='SourceIp', description='The source IP address of the request.', example='192.0.XX.XX', deprecated=true),
  startTime?: string(name='StartTime', description='The beginning of the time range to query. The value is a UNIX timestamp. Unit: seconds. If you do not specify this parameter, the query starts from 30 days before the current time.', example='1656750960'),
}

model DescribeInvadeEventListResponseBody = {
  eventList?: [ 
    {
      assetsInstanceId?: string(name='AssetsInstanceId', description='The ID of the affected asset.', example='i-ECS****'),
      assetsInstanceName?: string(name='AssetsInstanceName', description='The name of the affected asset.', example='ECS_test'),
      assetsType?: string(name='AssetsType', description='The type of the affected asset. Valid values:

*   **BastionHostIP**: the egress IP address of a bastion host
*   **BastionHostIngressIP**: the ingress IP address of a bastion host
*   **EcsEIP**: the elastic IP address (EIP) of an Elastic Compute Service (ECS) instance
*   **EcsPublicIP**: the public IP address of an ECS instance
*   **EIP**: the EIP
*   **EniEIP**: the EIP of an elastic network interface (ENI)
*   **NatEIP**: the EIP of a NAT gateway
*   **SlbEIP**: the EIP of a Server Load Balancer (SLB) instance
*   **SlbPublicIP**: the public IP address of an SLB instance
*   **NatPublicIP**: the public IP address of a NAT gateway
*   **HAVIP**: the high-availability virtual IP address (HAVIP)', example='EcsPublicIp'),
      eventKey?: string(name='EventKey', description='The ID of the breach awareness event.', example='69d189e2-ec17-4676-a2fe-02969234****'),
      eventName?: string(name='EventName', description='The name of the breach awareness event.', example='event_test'),
      eventSrc?: string(name='EventSrc', description='The type of the breach awareness event. Valid values:

*   **IPS**: intrusion prevention event
*   **offline**: disconnection event', example='IPS'),
      eventUuid?: string(name='EventUuid', description='The UUID of the breach awareness event.', example='fadd-dfdd-****'),
      firstTime?: int32(name='FirstTime', description='The time when the breach awareness event first occurred. The value is a UNIX timestamp. Unit: seconds.', example='1656750960'),
      isIgnore?: boolean(name='IsIgnore', description='Indicates whether the breach awareness event is ignored. Valid values:

*   **true**: The breach awareness event is ignored.
*   **false**: The breach awareness event is not ignored.', example='true'),
      lastTime?: int32(name='LastTime', description='The time when the breach awareness event last occurred. The value is a UNIX timestamp. Unit: seconds.', example='1656837360'),
      memberUid?: string(name='MemberUid', description='The ID of the member.', example='135809047715****'),
      privateIP?: string(name='PrivateIP', description='The private IP address of the affected asset.', example='192.168.XX.XX'),
      processStatus?: int32(name='ProcessStatus', description='The handling status of the breach awareness event. Valid values:

*   **0**: unhandled
*   **20**: handled', example='20'),
      publicIP?: string(name='PublicIP', description='The public IP address of the affected asset.', example='198.51.XX.XX'),
      publicIpType?: string(name='PublicIpType', description='The type of the affected asset. Valid values:

*   **BastionHostIP**: the egress IP address of a bastion host
*   **BastionHostIngressIP**: the ingress IP address of a bastion host
*   **EcsEIP**: the EIP of an ECS instance
*   **EcsPublicIP**: the public IP address of an ECS instance
*   **EIP**: the EIP
*   **EniEIP**: the EIP of an ENI
*   **NatEIP**: the EIP of a NAT gateway
*   **SlbEIP**: the EIP of an SLB instance
*   **SlbPublicIP**: the public IP address of an SLB instance
*   **NatPublicIP**: the public IP address of a NAT gateway
*   **HAVIP**: the HAVIP', example='EcsPublicIp'),
      riskLevel?: int32(name='RiskLevel', description='The risk level. Valid values:

*   **1**: low
*   **2**: medium
*   **3**: high', example='1'),
    }
  ](name='EventList', description='An array that consists of breach awareness events.'),
  highLevelPercent?: int32(name='HighLevelPercent', description='The percentage of high-risk events.', example='40'),
  lowLevelPercent?: int32(name='LowLevelPercent', description='The percentage of low-risk events.', example='20'),
  middleLevelPercent?: int32(name='MiddleLevelPercent', description='The percentage of medium-risk events.', example='40'),
  pageInfo?: {
    currentPage?: int32(name='CurrentPage', description='The page number of the returned page.', example='1'),
    pageSize?: int32(name='PageSize', description='The number of entries returned per page.', example='10'),
    totalCount?: int32(name='TotalCount', description='The total number of breach awareness events.', example='40'),
  }(name='PageInfo', description='The pagination information.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='F0F82705-CFC7-5F83-86C8-A063892F****'),
}

model DescribeInvadeEventListResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DescribeInvadeEventListResponseBody(name='body'),
}

/**
 * @summary Queries the information about the breach awareness events of a firewall.
 *
 * @param request DescribeInvadeEventListRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DescribeInvadeEventListResponse
 */
async function describeInvadeEventListWithOptions(request: DescribeInvadeEventListRequest, runtime: Util.RuntimeOptions): DescribeInvadeEventListResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.assetsIP)) {
    query['AssetsIP'] = request.assetsIP;
  }
  if (!Util.isUnset(request.assetsInstanceId)) {
    query['AssetsInstanceId'] = request.assetsInstanceId;
  }
  if (!Util.isUnset(request.assetsInstanceName)) {
    query['AssetsInstanceName'] = request.assetsInstanceName;
  }
  if (!Util.isUnset(request.currentPage)) {
    query['CurrentPage'] = request.currentPage;
  }
  if (!Util.isUnset(request.endTime)) {
    query['EndTime'] = request.endTime;
  }
  if (!Util.isUnset(request.eventKey)) {
    query['EventKey'] = request.eventKey;
  }
  if (!Util.isUnset(request.eventName)) {
    query['EventName'] = request.eventName;
  }
  if (!Util.isUnset(request.eventUuid)) {
    query['EventUuid'] = request.eventUuid;
  }
  if (!Util.isUnset(request.isIgnore)) {
    query['IsIgnore'] = request.isIgnore;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.memberUid)) {
    query['MemberUid'] = request.memberUid;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.processStatusList)) {
    query['ProcessStatusList'] = request.processStatusList;
  }
  if (!Util.isUnset(request.riskLevel)) {
    query['RiskLevel'] = request.riskLevel;
  }
  if (!Util.isUnset(request.sourceIp)) {
    query['SourceIp'] = request.sourceIp;
  }
  if (!Util.isUnset(request.startTime)) {
    query['StartTime'] = request.startTime;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DescribeInvadeEventList',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries the information about the breach awareness events of a firewall.
 *
 * @param request DescribeInvadeEventListRequest
 * @return DescribeInvadeEventListResponse
 */
async function describeInvadeEventList(request: DescribeInvadeEventListRequest): DescribeInvadeEventListResponse {
  var runtime = new Util.RuntimeOptions{};
  return describeInvadeEventListWithOptions(request, runtime);
}

model DescribeNatAclPageStatusRequest {
  lang?: string(name='Lang', description='The language of the content within the request and response. Valid values:

*   **zh** (default): Chinese
*   **en**: English', example='en'),
}

model DescribeNatAclPageStatusResponseBody = {
  detail?: string(name='Detail', description='Extra error information.', example='proxy_not_exist'),
  natAclPageEnable?: boolean(name='NatAclPageEnable', description='Indicates whether pagination for access control policies for NAT firewalls is supported.', example='True'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='B97F9AD7-A2DB-5F8F-9206-DF89DE0AC9E8'),
}

model DescribeNatAclPageStatusResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DescribeNatAclPageStatusResponseBody(name='body'),
}

/**
 * @summary Queries the pagination status of NAT firewalls.
 *
 * @param request DescribeNatAclPageStatusRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DescribeNatAclPageStatusResponse
 */
async function describeNatAclPageStatusWithOptions(request: DescribeNatAclPageStatusRequest, runtime: Util.RuntimeOptions): DescribeNatAclPageStatusResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DescribeNatAclPageStatus',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries the pagination status of NAT firewalls.
 *
 * @param request DescribeNatAclPageStatusRequest
 * @return DescribeNatAclPageStatusResponse
 */
async function describeNatAclPageStatus(request: DescribeNatAclPageStatusRequest): DescribeNatAclPageStatusResponse {
  var runtime = new Util.RuntimeOptions{};
  return describeNatAclPageStatusWithOptions(request, runtime);
}

model DescribeNatFirewallControlPolicyRequest {
  aclAction?: string(name='AclAction', description='The action that Cloud Firewall performs on the traffic.

Valid values:

*   **accept**: allows the traffic.
*   **drop**: denies the traffic.
*   **log**: monitors the traffic.', example='accept'),
  aclUuid?: string(name='AclUuid', description='The UUID of the access control policy.', example='303f0697-2a21-4e43-b142-4a77adf7b358'),
  currentPage?: string(name='CurrentPage', description='The page number.', example='1'),
  description?: string(name='Description', description='The description of the access control policy. Fuzzy match is supported.

> If you do not specify this parameter, the descriptions of all policies are queried.', example='test'),
  destination?: string(name='Destination', description='The destination address in the access control policy. Fuzzy match is supported. The value of this parameter varies based on the value of the DestinationType parameter.

*   If DestinationType is set to `net`, the value of Destination must be a CIDR block. Example: 10.0.3.0/24.
*   If DestinationType is set to `domain`, the value of Destination must be a domain name. Example: aliyun.
*   If DestinationType is set to `group`, the value of Destination must be the name of an address book. Example: db_group.
*   If DestinationType is set to `location`, the value of Destination is a location. For more information about location codes, see [AddControlPolicy](https://help.aliyun.com/document_detail/474128.html). Example: ["BJ11", "ZB"].

> If you do not specify this parameter, all types of destination addresses are queried.', example='x.x.x.x/32'),
  direction?: string(name='Direction', description='The direction of the traffic to which the access control policy applies. Valid values:

*   **out**: outbound traffic

This parameter is required.', example='out'),
  lang?: string(name='Lang', description='The language of the content within the response. Valid values:

*   **zh**: Chinese (default)
*   **en**: English', example='zh'),
  natGatewayId?: string(name='NatGatewayId', description='The ID of the NAT gateway.

This parameter is required.', example='ngw-xxxxxx'),
  pageSize?: string(name='PageSize', description='The number of entries per page. Default value: 10.', example='10'),
  proto?: string(name='Proto', description='The type of the protocol in the access control policy. Valid values:

*   **TCP**
*   **UDP**
*   **ICMP**
*   **ANY**: all types of protocols

> If you do not specify this parameter, access control policies of all protocol types are queried.', example='ANY'),
  release?: string(name='Release', description='Specifies whether the access control policy is enabled. By default, an access control policy is enabled after it is created. Valid values:

*   **true**
*   **false**', example='true'),
  repeatType?: string(name='RepeatType', description='The recurrence type for the access control policy to take effect. Valid values:

*   **Permanent** (default): The policy always takes effect.
*   **None**: The policy takes effect only once.
*   **Daily**: The policy takes effect on a daily basis.
*   **Weekly**: The policy takes effect on a weekly basis.
*   **Monthly**: The policy takes effect on a monthly basis.', example='Permanent'),
  source?: string(name='Source', description='The source address in the access control policy. Fuzzy match is supported. The value of this parameter varies based on the value of the SourceType parameter.

*   If SourceType is set to `net`, the value of Source must be a CIDR block. Example: 192.0.XX.XX/24.
*   If SourceType is set to `group`, the value of Source must be the name of an address book. Example: db_group. If the db_group address book does not contain addresses, all source addresses are queried.
*   If SourceType is set to `location`, the value of Source must be a location. Example: beijing.

> If you do not specify this parameter, all types of source addresses are queried.', example='1.1.1.1/32'),
}

model DescribeNatFirewallControlPolicyResponseBody = {
  policys?: [ 
    {
      aclAction?: string(name='AclAction', description='The action that Cloud Firewall performs on the traffic. Valid values:

*   **accept**: allows the traffic.
*   **drop**: denies the traffic.
*   **log**: monitors the traffic.', example='accept'),
      aclUuid?: string(name='AclUuid', description='The UUID of the access control policy.', example='00281255-d220-4db1-8f4f-c4df221a****'),
      applicationNameList?: [ string ](name='ApplicationNameList', description='The application names.'),
      createTime?: long(name='CreateTime', description='The time when the access control policy was created.', example='1761062400'),
      description?: string(name='Description', description='The description of the access control policy.', example='test'),
      destPort?: string(name='DestPort', description='The destination port in the access control policy.', example='80'),
      destPortGroup?: string(name='DestPortGroup', description='The name of the destination port address book in the access control policy.', example='my_port_group'),
      destPortGroupPorts?: [ string ](name='DestPortGroupPorts', description='The ports in the destination port address book.'),
      destPortType?: string(name='DestPortType', description='The type of the destination port in the access control policy. Valid values:

*   **port**: port
*   **group**: port address book', example='port'),
      destination?: string(name='Destination', description='The destination address in the access control policy. The value of this parameter varies based on the value of DestinationType. Valid values:

*   If the value of **DestinationType** is **net**, the value of this parameter is a CIDR block. Example: 192.0.XX.XX/24.
*   If the value of **DestinationType** is **domain**, the value of this parameter is a domain name. Example: aliyuncs.com.
*   If the value of **DestinationType** is **group**, the value of this parameter is the name of an address book. Example: db_group.
*   If the value of **DestinationType** is **location**, the value of this parameter is a location. For more information about location codes, see [AddControlPolicy](https://help.aliyun.com/document_detail/138867.html). Example: ["BJ11", "ZB"].', example='x.x.x.x/32'),
      destinationGroupCidrs?: [ string ](name='DestinationGroupCidrs', description='The CIDR blocks in the destination address book.'),
      destinationGroupType?: string(name='DestinationGroupType', description='The type of the destination address book in the access control policy. Valid values:

*   **ip**: an address book that includes one or more CIDR blocks
*   **domain**: an address book that includes one or more domain names', example='ip'),
      destinationType?: string(name='DestinationType', description='The type of the destination address in the access control policy. Valid values:

*   **net**: CIDR block
*   **group**: address book
*   **domain**: domain name
*   **location**: location', example='net'),
      dnsResult?: string(name='DnsResult', description='The DNS resolution result.', example='111.0.XX.XX,112.0.XX.XX'),
      dnsResultTime?: long(name='DnsResultTime', description='The time when the Domain Name System (DNS) resolution was performed. The value is a UNIX timestamp. Unit: seconds.', example='1579261141'),
      domainResolveType?: int32(name='DomainResolveType', description='The domain name resolution method of the access control policy. By default, an access control policy is enabled after the policy is created. Valid values:

*   **0**: fully qualified domain name (FQDN)-based resolution
*   **1**: DNS-based dynamic resolution
*   **2**: FQDN and DNS-based dynamic resolution', example='1'),
      endTime?: long(name='EndTime', description='The time when the access control policy stops taking effect. The value is a UNIX timestamp. Unit: seconds. The end time must be on the hour or on the half hour, and at least 30 minutes later than the start time.

>  If RepeatType is set to Permanent, this parameter is left empty. If RepeatType is set to None, Daily, Weekly, or Monthly, this parameter must be specified.', example='1694764800'),
      hitLastTime?: long(name='HitLastTime', description='The time when the access control policy was last hit. The value is a UNIX timestamp. Unit: seconds.', example='1579261141'),
      hitTimes?: int32(name='HitTimes', description='The number of hits for the access control policy.', example='100'),
      modifyTime?: long(name='ModifyTime', description='The time when the access control policy was modified.', example='1761062400'),
      natGatewayId?: string(name='NatGatewayId', description='The ID of the NAT gateway.', example='ngw-xxxxxx'),
      order?: int32(name='Order', description='The priority of the access control policy.

The priority value starts from 1. A smaller priority value indicates a higher priority.', example='1'),
      proto?: string(name='Proto', description='The protocol type in the access control policy. Valid values:

*   **ANY**
*   **TCP**
*   **UDP**
*   **ICMP**', example='TCP'),
      release?: string(name='Release', description='The status of the access control policy. By default, an access control policy is enabled after it is created. Valid values:

*   **true**: enabled
*   **false**: disabled', example='true'),
      repeatDays?: [ long ](name='RepeatDays', description='The days of a week or of a month on which the access control policy takes effect.

*   If RepeatType is set to `Permanent`, `None`, or `Daily`, the value of this parameter is an empty array. Example: [].
*   If RepeatType is set to Weekly, this parameter must be specified. Example: [0, 6].

>  If RepeatType is set to Weekly, the fields in the value of this parameter cannot be repeated.

*   If RepeatType is set to `Monthly`, this parameter must be specified. Example: [1, 31].

>  If RepeatType is set to Monthly, the fields in the value of this parameter cannot be repeated.'),
      repeatEndTime?: string(name='RepeatEndTime', description='The point in time when the recurrence ends. Example: 23:30. The end time must be on the hour or on the half hour, and at least 30 minutes later than the start time.

>  If RepeatType is set to Permanent or None, this parameter is left empty. If RepeatType is set to Daily, Weekly, or Monthly, this parameter must be specified.', example='23:30'),
      repeatStartTime?: string(name='RepeatStartTime', description='The point in time when the recurrence starts. Example: 08:00. The start time must be on the hour or on the half hour, and at least 30 minutes earlier than the end time.

>  If RepeatType is set to Permanent or None, this parameter is left empty. If RepeatType is set to Daily, Weekly, or Monthly, this parameter must be specified.', example='08:00'),
      repeatType?: string(name='RepeatType', description='The recurrence type for the access control policy to take effect. Valid values:

*   **Permanent** (default): The policy always takes effect.
*   **None**: The policy takes effect for only once.
*   **Daily**: The policy takes effect on a daily basis.
*   **Weekly**: The policy takes effect on a weekly basis.
*   **Monthly**: The policy takes effect on a monthly basis.', example='Permanent'),
      source?: string(name='Source', description='The source address in the access control policy. Valid values:

*   If the value of **SourceType** is `net`, the value of this parameter is a CIDR block. Example: 192.0.XX.XX/24.
*   If the value of **SourceType** is `group`, the value of this parameter is the name of an address book. Example: db_group.
*   If the value of **SourceType** is `location`, the value of this parameter is a location. For more information about location codes, see [AddControlPolicy](https://help.aliyun.com/document_detail/138867.html). Example: ["BJ11", "ZB"].', example='192.0.XX.XX/24'),
      sourceGroupCidrs?: [ string ](name='SourceGroupCidrs', description='The CIDR blocks in the source address book.'),
      sourceGroupType?: string(name='SourceGroupType', description='The type of the source address book in the access control policy. The value is fixed as **ip**. The value indicates an address book that includes one or more CIDR blocks.', example='ip'),
      sourceType?: string(name='SourceType', description='The type of the source address in the access control policy. Valid values:

*   **net**: CIDR block
*   **group**: address book
*   **location**: location', example='net'),
      spreadCnt?: string(name='SpreadCnt', description='The total quota consumed by the returned access control policies, which is the sum of the quota consumed by each policy. The quota that is consumed by an access control policy is calculated by using the following formula: Quota that is consumed by an access control policy = Number of source addresses (number of CIDR blocks or regions) × Number of destination addresses (number of CIDR blocks, regions, or domain names) × Number of port ranges × Number of applications.', example='10,000'),
      startTime?: long(name='StartTime', description='The time when the access control policy starts to take effect. The value is a UNIX timestamp. Unit: seconds. The start time must be on the hour or on the half hour, and at least 30 minutes earlier than the end time.

>  If RepeatType is set to Permanent, this parameter is left empty. If RepeatType is set to None, Daily, Weekly, or Monthly, this parameter must be specified.', example='1694761200'),
    }
  ](name='Policys', description='The information about the access control policies.'),
  requestId?: string(name='RequestId', description='The request ID.', example='F183567D-8A52-5BAE-9472-F1C427378C28'),
  totalCount?: string(name='TotalCount', description='The total number of entries returned.', example='28'),
}

model DescribeNatFirewallControlPolicyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DescribeNatFirewallControlPolicyResponseBody(name='body'),
}

/**
 * @summary Queries the information about all access control policies that are created for NAT firewalls.
 *
 * @description You can use this operation to query the information about all access control policies that are created for NAT firewalls by page.
 *
 * @param request DescribeNatFirewallControlPolicyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DescribeNatFirewallControlPolicyResponse
 */
async function describeNatFirewallControlPolicyWithOptions(request: DescribeNatFirewallControlPolicyRequest, runtime: Util.RuntimeOptions): DescribeNatFirewallControlPolicyResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.aclAction)) {
    query['AclAction'] = request.aclAction;
  }
  if (!Util.isUnset(request.aclUuid)) {
    query['AclUuid'] = request.aclUuid;
  }
  if (!Util.isUnset(request.currentPage)) {
    query['CurrentPage'] = request.currentPage;
  }
  if (!Util.isUnset(request.description)) {
    query['Description'] = request.description;
  }
  if (!Util.isUnset(request.destination)) {
    query['Destination'] = request.destination;
  }
  if (!Util.isUnset(request.direction)) {
    query['Direction'] = request.direction;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.natGatewayId)) {
    query['NatGatewayId'] = request.natGatewayId;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.proto)) {
    query['Proto'] = request.proto;
  }
  if (!Util.isUnset(request.release)) {
    query['Release'] = request.release;
  }
  if (!Util.isUnset(request.repeatType)) {
    query['RepeatType'] = request.repeatType;
  }
  if (!Util.isUnset(request.source)) {
    query['Source'] = request.source;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DescribeNatFirewallControlPolicy',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries the information about all access control policies that are created for NAT firewalls.
 *
 * @description You can use this operation to query the information about all access control policies that are created for NAT firewalls by page.
 *
 * @param request DescribeNatFirewallControlPolicyRequest
 * @return DescribeNatFirewallControlPolicyResponse
 */
async function describeNatFirewallControlPolicy(request: DescribeNatFirewallControlPolicyRequest): DescribeNatFirewallControlPolicyResponse {
  var runtime = new Util.RuntimeOptions{};
  return describeNatFirewallControlPolicyWithOptions(request, runtime);
}

model DescribeNatFirewallListRequest {
  lang?: string(name='Lang', description='The language of the content within the response. Valid values:
*   **zh** (default)
*   **en**', example='zh'),
  memberUid?: long(name='MemberUid', description='The UID of the member that is managed by your Alibaba Cloud account.', example='147783******'),
  natGatewayId?: string(name='NatGatewayId', description='The ID of the NAT gateway.', example='nat-bp123456g******'),
  pageNo?: long(name='PageNo', description='The page number.', example='1'),
  pageSize?: long(name='PageSize', description='The number of entries per page.

Default value: **10**.**** Maximum value: **50**.', example='10'),
  proxyId?: string(name='ProxyId', description='The ID of the NAT firewall.', example='proxy-nat97a******'),
  proxyName?: string(name='ProxyName', description='The name of the NAT firewall. The name must be 4 to 50 characters in length, and can contain letters, digits, and underscores (_). The name cannot start with an underscore.', example='proxy-******'),
  regionNo?: string(name='RegionNo', description='The region ID of the virtual private cloud (VPC).', example='cn-hangzhou'),
  status?: string(name='Status', description='The status of the NAT firewall. Valid values:

*   configuring
*   deleting
*   normal
*   abnormal
*   opening
*   closing
*   closed', example='normal'),
  vpcId?: string(name='VpcId', description='The ID of the VPC.', example='vpc-8vbwbo90rq0anm6t****'),
}

model DescribeNatFirewallListResponseBody = {
  natFirewallList?: [ 
    {
      aliUid?: long(name='AliUid', description='The UID of the Alibaba Cloud account.

>  The value of this parameter indicates the management account to which the member is added.', example='19106481******'),
      errorDetail?: string(name='ErrorDetail', description='The cause of the error.', example='Create Failed.'),
      memberUid?: long(name='MemberUid', description='The UID of the member in Cloud Firewall.', example='19106481******'),
      natGatewayId?: string(name='NatGatewayId', description='The ID of the NAT gateway.', example='ngw-uf6tnblxip4qcxg******'),
      natGatewayName?: string(name='NatGatewayName', description='The name of the NAT gateway.', example='nat-******'),
      natRouteEntryList?: [ 
        {
          destinationCidr?: string(name='DestinationCidr', description='The destination CIDR block of the default route.', example='0.0.0.0/0'),
          nextHopId?: string(name='NextHopId', description='The next hop of the original NAT gateway.', example='ngw-2ze0s284r9atg5******'),
          nextHopType?: string(name='NextHopType', description='The network type of the next hop. The value is fixed as NatGateway.', example='NatGateway'),
          routeTableId?: string(name='RouteTableId', description='The route table to which the default route of the NAT gateway belongs.', example='vtb-bp18o0gb******'),
        }
      ](name='NatRouteEntryList', description='The default route entries of the NAT gateway.'),
      proxyId?: string(name='ProxyId', description='The ID of the NAT firewall.', example='proxy-nat30******'),
      proxyName?: string(name='ProxyName', description='The name of the NAT firewall.', example='proxy-******'),
      proxyStatus?: string(name='ProxyStatus', description='The status of the NAT firewall. Valid values:

*   configuring
*   deleting
*   normal
*   abnormal
*   opening
*   closing
*   closed', example='normal'),
      regionId?: string(name='RegionId', description='The region ID of your Cloud Firewall.

>  For more information about the supported regions of Cloud Firewall, see [Supported regions](https://help.aliyun.com/document_detail/195657.html).', example='cn-qingdao'),
      strictMode?: int32(name='StrictMode', description='Indicates whether the strict mode is enabled. Valid values: 1, which specifies yes, and 0, which specifies no.', example='0'),
      vpcId?: string(name='VpcId', description='The ID of the VPC.', example='vpc-2ze26ya******'),
      vpcName?: string(name='VpcName', description='The name of the VPC.', example='vpc-******'),
    }
  ](name='NatFirewallList', description='The NAT firewalls.'),
  requestId?: string(name='RequestId', description='The request ID.', example='15FCCC52-1E23-57AE-B5EF-3E00A3******'),
  totalCount?: int32(name='TotalCount', description='The total number of NAT firewalls.', example='10'),
}

model DescribeNatFirewallListResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DescribeNatFirewallListResponseBody(name='body'),
}

/**
 * @summary Queries details of NAT firewalls.
 *
 * @param request DescribeNatFirewallListRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DescribeNatFirewallListResponse
 */
async function describeNatFirewallListWithOptions(request: DescribeNatFirewallListRequest, runtime: Util.RuntimeOptions): DescribeNatFirewallListResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.memberUid)) {
    query['MemberUid'] = request.memberUid;
  }
  if (!Util.isUnset(request.natGatewayId)) {
    query['NatGatewayId'] = request.natGatewayId;
  }
  if (!Util.isUnset(request.pageNo)) {
    query['PageNo'] = request.pageNo;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.proxyId)) {
    query['ProxyId'] = request.proxyId;
  }
  if (!Util.isUnset(request.proxyName)) {
    query['ProxyName'] = request.proxyName;
  }
  if (!Util.isUnset(request.regionNo)) {
    query['RegionNo'] = request.regionNo;
  }
  if (!Util.isUnset(request.status)) {
    query['Status'] = request.status;
  }
  if (!Util.isUnset(request.vpcId)) {
    query['VpcId'] = request.vpcId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DescribeNatFirewallList',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries details of NAT firewalls.
 *
 * @param request DescribeNatFirewallListRequest
 * @return DescribeNatFirewallListResponse
 */
async function describeNatFirewallList(request: DescribeNatFirewallListRequest): DescribeNatFirewallListResponse {
  var runtime = new Util.RuntimeOptions{};
  return describeNatFirewallListWithOptions(request, runtime);
}

model DescribeNatFirewallPolicyPriorUsedRequest {
  direction?: string(name='Direction', description='The direction of the traffic to which the access control policy applies.

Valid values:

*   **out**: outbound traffic

This parameter is required.', example='out'),
  ipVersion?: string(name='IpVersion', description='The IP version supported by the access control policy. Valid values:

*   **4**: IPv4 (default)', example='4'),
  lang?: string(name='Lang', description='The language of the content within the request and the response. Valid values:

*   **zh**: Chinese (default)
*   **en**: English', example='zh'),
  natGatewayId?: string(name='NatGatewayId', description='The ID of the NAT gateway.

This parameter is required.', example='ngw-xxxxxx'),
}

model DescribeNatFirewallPolicyPriorUsedResponseBody = {
  end?: int32(name='End', description='The lowest priority for the access control policy.', example='28'),
  requestId?: string(name='RequestId', description='The request ID.', example='BCDF3907-1011-5504-B015-CC7603C0E6B6'),
  start?: int32(name='Start', description='The highest priority for the access control policy.', example='1'),
}

model DescribeNatFirewallPolicyPriorUsedResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DescribeNatFirewallPolicyPriorUsedResponseBody(name='body'),
}

/**
 * @summary Queries the priority range of access control policies that are created for a NAT firewall.
 *
 * @description You can use this operation to query the priority range of access control policies that are created for a NAT firewall.
 *
 * @param request DescribeNatFirewallPolicyPriorUsedRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DescribeNatFirewallPolicyPriorUsedResponse
 */
async function describeNatFirewallPolicyPriorUsedWithOptions(request: DescribeNatFirewallPolicyPriorUsedRequest, runtime: Util.RuntimeOptions): DescribeNatFirewallPolicyPriorUsedResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.direction)) {
    query['Direction'] = request.direction;
  }
  if (!Util.isUnset(request.ipVersion)) {
    query['IpVersion'] = request.ipVersion;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.natGatewayId)) {
    query['NatGatewayId'] = request.natGatewayId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DescribeNatFirewallPolicyPriorUsed',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries the priority range of access control policies that are created for a NAT firewall.
 *
 * @description You can use this operation to query the priority range of access control policies that are created for a NAT firewall.
 *
 * @param request DescribeNatFirewallPolicyPriorUsedRequest
 * @return DescribeNatFirewallPolicyPriorUsedResponse
 */
async function describeNatFirewallPolicyPriorUsed(request: DescribeNatFirewallPolicyPriorUsedRequest): DescribeNatFirewallPolicyPriorUsedResponse {
  var runtime = new Util.RuntimeOptions{};
  return describeNatFirewallPolicyPriorUsedWithOptions(request, runtime);
}

model DescribeOutgoingDestinationIPRequest {
  applicationName?: string(name='ApplicationName', description='The application type in the access control policy. Valid values:

*   **FTP**
*   **HTTP**
*   **HTTPS**
*   **Memcache**
*   **MongoDB**
*   **MQTT**
*   **MySQL**
*   **RDP**
*   **Redis**
*   **SMTP**
*   **SMTPS**
*   **SSH**
*   **SSL_No_Cert**
*   **SSL**
*   **VNC**

>  The value of this parameter depends on the value of Proto. If you set Proto to TCP, you can set ApplicationNameList to any valid value. If you specify both ApplicationNameList and ApplicationName, only the value of ApplicationNameList is used.', example='FTP'),
  categoryId?: string(name='CategoryId', description='The ID of the service to which the destination IP address belongs. This parameter is left empty by default. Valid values:

*   **All**: all services
*   **RiskDomain**: risky domain names
*   **RiskIP**: risky IP addresses
*   **AliYun**: Alibaba Cloud services
*   **NotAliYun**: third-party services', example='All'),
  currentPage?: string(name='CurrentPage', description='The number of the page to return.

Default value: 1.', example='1'),
  dstIP?: string(name='DstIP', description='The destination IP address in the outbound connection that is initiated to access a domain name.', example='10.0.XX.XX'),
  endTime?: string(name='EndTime', description='The end of the time range to query. The value is a UNIX timestamp. Unit: seconds.

This parameter is required.', example='1656923760'),
  lang?: string(name='Lang', description='The language of the content within the response. Valid values:

*   **zh** (default)
*   **en**', example='zh'),
  order?: string(name='Order', description='The method that you want to use to sort the query results. Valid values:

*   **asc**
*   **desc** (default)', example='desc'),
  pageSize?: string(name='PageSize', description='The number of entries to return on each page.

Default value: 6. Maximum value: 10.', example='10'),
  port?: string(name='Port', description='The port number.', example='80'),
  privateIP?: string(name='PrivateIP', description='The private IP address of the ECS instance that initiates the outbound connection.', example='192.168.XX.XX'),
  publicIP?: string(name='PublicIP', description='The public IP address of the Elastic Compute Service (ECS) instance that initiates the outbound connection.', example='192.0.XX.XX'),
  sort?: string(name='Sort', description='The field based on which you want to sort the query results. Valid values:

*   **SessionCount** (default): the number of requests.
*   **TotalBytes**: the total volume of traffic.', example='SessionCount'),
  startTime?: string(name='StartTime', description='The beginning of the time range to query. The value is a UNIX timestamp. Unit: seconds.

This parameter is required.', example='1656837360'),
  tagIdNew?: string(name='TagIdNew', description='The ID of the tag. Valid values:

*   **AliYun**: Alibaba Cloud service
*   **RiskDomain**: risky domain name
*   **RiskIP**: risky IP address
*   **TrustedDomain**: trusted website
*   **AliPay**: Alipay
*   **DingDing**: DingTalk
*   **WeChat**: WeChat
*   **QQ**: Tencent QQ
*   **SecurityService**: security service
*   **Microsoft**: Microsoft
*   **Amazon**: Amazon Web Services (AWS)
*   **Pan**: cloud disk
*   **Map**: map
*   **Code**: code hosting
*   **SystemService**: system service
*   **Taobao**: Taobao
*   **Google**: Google
*   **ThirdPartyService**: third-party service
*   **FirstFlow**: the first time
*   **Downloader**: malicious download
*   **Alexa Top1M**: popular website
*   **Miner**: mining pool
*   **Intelligence**: threat intelligence
*   **DDoS**: DDoS trojan
*   **Ransomware**: ransomware
*   **Spyware**: spyware
*   **Rogue**: rogue software
*   **Botnet**: botnet
*   **Suspicious**: suspicious website
*   **C\\\\&C**: command and control (C\\\\&C)
*   **Gang**: gang
*   **CVE**: Common Vulnerabilities and Exposures (CVE)
*   **Backdoor**: webshell
*   **Phishing**: phishing website
*   **APT**: advanced persistent threat (APT) attack
*   **Supply Chain Attack**: supply chain attack
*   **Malicious software**: malware', example='AliYun'),
}

model DescribeOutgoingDestinationIPResponseBody = {
  dstIPList?: [ 
    {
      aclCoverage?: string(name='AclCoverage', description='Indicates whether an access control policy is configured. Valid values:

*   **Uncovered**: no
*   **FullCoverage**: yes', example='Uncovered'),
      aclRecommendDetail?: string(name='AclRecommendDetail', description='The suggestion to configure an access control policy.', example='Allows the traffic.'),
      aclStatus?: string(name='AclStatus', description='The status of the access control policy. Valid values:

*   **normal**: healthy
*   **Abnormal**: unhealthy', example='Normal'),
      addressGroupList?: [ 
        {
          addressGroupName?: string(name='AddressGroupName', description='The name of the address book.', example='IP address book'),
          addressGroupUUID?: string(name='AddressGroupUUID', description='The UUID of the address book.', example='f04ac7ce-628b-4cb7-be61-310222b7****'),
        }
      ](name='AddressGroupList', description='The information about the address book.'),
      applicationPortList?: [ 
        {
          applicationName?: string(name='ApplicationName', description='The application type used in the access control policy. Valid values:

*   **FTP**
*   **HTTP**
*   **HTTPS**
*   **Memcache**
*   **MongoDB**
*   **MQTT**
*   **MySQL**
*   **RDP**
*   **Redis**
*   **SMTP**
*   **SMTPS**
*   **SSH**
*   **SSL_No_Cert**
*   **SSL**
*   **VNC**

>  The value of this parameter depends on the value of the Proto parameter. If you set Proto to TCP, you can set ApplicationNameList to any valid value. If you configure both ApplicationNameList and ApplicationName, only the value of ApplicationNameList is used.', example='HTTP'),
          port?: int32(name='Port', description='The application port.', example='80'),
        }
      ](name='ApplicationPortList', description='The application ports.

>  Only the first 100 application ports are displayed.'),
      assetCount?: long(name='AssetCount', description='The outbound asset count.', example='20'),
      categoryClassId?: string(name='CategoryClassId', description='The type of the tag. Valid values:

*   **Suspicious**
*   **Malicious**
*   **Trusted**', example='Trusted'),
      categoryId?: string(name='CategoryId', description='The ID of the service type. Valid values:

*   **Aliyun**: Alibaba Cloud services
*   **NotAliyun**: third-party services', example='Aliyun'),
      categoryName?: string(name='CategoryName', description='The type of the service to which the destination IP address belongs. Valid values:

*   **Alibaba Cloud services**
*   **Third-party services**', example='Alibaba Cloud services'),
      dstIP?: string(name='DstIP', description='The destination IP addresses in outbound connections.', example='10.0.XX.XX'),
      groupName?: string(name='GroupName', description='The name of the group to which the access control policy belongs.', example='Rule_test'),
      hasAcl?: string(name='HasAcl', description='Indicates whether an access control policy is configured. Valid values:

*   **true**
*   **false**', example='true'),
      hasAclRecommend?: boolean(name='HasAclRecommend', description='Indicates whether an access control policy is recommended. Valid values:

*   **true**
*   **false**', example='true'),
      inBytes?: long(name='InBytes', description='The inbound traffic. Unit: bytes.', example='472'),
      isMarkNormal?: boolean(name='IsMarkNormal', description='Indicates whether the destination IP address is added to a whitelist. Valid values:

*   **true**
*   **false**', example='true'),
      locationName?: string(name='LocationName', description='Location name.', example='山东省青岛市'),
      outBytes?: long(name='OutBytes', description='The outbound traffic. Unit: bytes.', example='965'),
      privateAssetCount?: long(name='PrivateAssetCount', description='The outbound private asset count.', example='20'),
      ruleId?: string(name='RuleId', description='The UUID of the access control policy.', example='fadsfd-dfadf-df****'),
      ruleName?: string(name='RuleName', description='The name of the access control policy.', example='Default rule'),
      securityReason?: string(name='SecurityReason', description='The reason why the domain name is secure.', example='Intelligent policy: The destination domain name belongs to Alibaba Cloud Computing Co., Ltd. The domain name mainly provides services for Alibaba Cloud. No security risks are found, and you can add the domain name to the whitelist.'),
      securitySuggest?: string(name='SecuritySuggest', description='The suggestion to handle the traffic of the domain name in outbound connections. Valid values:

*   **pass**: allow
*   **alert**: deny
*   **drop**: monitor', example='pass'),
      sessionCount?: long(name='SessionCount', description='The number of requests.', example='4'),
      tagList?: [ 
        {
          classId?: string(name='ClassId', description='The type of the tag. Valid values:

*   **Suspicious**
*   **Malicious**
*   **Trusted**', example='Trusted'),
          riskLevel?: int32(name='RiskLevel', description='The risk level. Valid values:

*   **1**: low.
*   **2**: medium.
*   **3**: high.', example='1'),
          tagDescribe?: string(name='TagDescribe', description='The description of the tag.', example='Tag that indicates traffic is allowed'),
          tagId?: string(name='TagId', description='The ID of the tag.', example='AliYun'),
          tagName?: string(name='TagName', description='The name of the tag.', example='Tag that indicates traffic is allowed'),
        }
      ](name='TagList', description='The tags.'),
      totalBytes?: string(name='TotalBytes', description='The total traffic. Unit: bytes', example='800'),
    }
  ](name='DstIPList', description='The IP addresses in outbound connections.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='F0F82705-CFC7-5F83-86C8-A063892F****'),
  totalCount?: int32(name='TotalCount', description='The total number of destination IP addresses in outbound connections.', example='50'),
}

model DescribeOutgoingDestinationIPResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DescribeOutgoingDestinationIPResponseBody(name='body'),
}

/**
 * @summary Queries the information about the destination IP addresses in outbound connections.
 *
 * @param request DescribeOutgoingDestinationIPRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DescribeOutgoingDestinationIPResponse
 */
async function describeOutgoingDestinationIPWithOptions(request: DescribeOutgoingDestinationIPRequest, runtime: Util.RuntimeOptions): DescribeOutgoingDestinationIPResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.applicationName)) {
    query['ApplicationName'] = request.applicationName;
  }
  if (!Util.isUnset(request.categoryId)) {
    query['CategoryId'] = request.categoryId;
  }
  if (!Util.isUnset(request.currentPage)) {
    query['CurrentPage'] = request.currentPage;
  }
  if (!Util.isUnset(request.dstIP)) {
    query['DstIP'] = request.dstIP;
  }
  if (!Util.isUnset(request.endTime)) {
    query['EndTime'] = request.endTime;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.order)) {
    query['Order'] = request.order;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.port)) {
    query['Port'] = request.port;
  }
  if (!Util.isUnset(request.privateIP)) {
    query['PrivateIP'] = request.privateIP;
  }
  if (!Util.isUnset(request.publicIP)) {
    query['PublicIP'] = request.publicIP;
  }
  if (!Util.isUnset(request.sort)) {
    query['Sort'] = request.sort;
  }
  if (!Util.isUnset(request.startTime)) {
    query['StartTime'] = request.startTime;
  }
  if (!Util.isUnset(request.tagIdNew)) {
    query['TagIdNew'] = request.tagIdNew;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DescribeOutgoingDestinationIP',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries the information about the destination IP addresses in outbound connections.
 *
 * @param request DescribeOutgoingDestinationIPRequest
 * @return DescribeOutgoingDestinationIPResponse
 */
async function describeOutgoingDestinationIP(request: DescribeOutgoingDestinationIPRequest): DescribeOutgoingDestinationIPResponse {
  var runtime = new Util.RuntimeOptions{};
  return describeOutgoingDestinationIPWithOptions(request, runtime);
}

model DescribeOutgoingDomainRequest {
  categoryId?: string(name='CategoryId', description='The type of the service. This parameter is empty by default. Valid values:

*   **All**: all services
*   **RiskDomain**: risky domain names
*   **RiskIP**: risky IP addresses
*   **AliYun**: Alibaba Cloud services
*   **NotAliYun**: third-party services', example='All'),
  currentPage?: string(name='CurrentPage', description='The number of the page to return.

Default value: 1.', example='1'),
  domain?: string(name='Domain', description='The domain name in outbound connections.', example='www.aliyundoc.com'),
  endTime?: string(name='EndTime', description='The end of the time range to query. The value is a UNIX timestamp. Unit: seconds.

This parameter is required.', example='1656750960'),
  lang?: string(name='Lang', description='The language of the content within the request. Valid values:

*   **zh**: Chinese (default)
*   **en**: English', example='zh'),
  order?: string(name='Order', description='The method that is used to sort the results. Valid values:

*   **asc**: the ascending order.
*   **desc** (default): the descending order.', example='desc'),
  pageSize?: string(name='PageSize', description='The number of entries to return on each page.

Default value: 6. Maximum value: 100.', example='10'),
  publicIP?: string(name='PublicIP', description='The public IP address of the Elastic Compute Service (ECS) instance that initiates outbound connections.', example='192.0.XX.XX'),
  sort?: string(name='Sort', description='The field based on which you want to sort the query results. Valid values:

*   **SessionCount** (default): the number of requests.
*   **TotalBytes**: the total volume of traffic.', example='SessionCount'),
  startTime?: string(name='StartTime', description='The beginning of the time range to query. The value is a UNIX timestamp. Unit: seconds.

This parameter is required.', example='1656664560'),
  tagIdNew?: string(name='TagIdNew', description='The ID of the tag. Valid values:

*   **AliYun**: Alibaba Cloud service
*   **RiskDomain**: risky domain name
*   **RiskIP**: risky IP address
*   **TrustedDomain**: trusted website
*   **AliPay**: Alipay
*   **DingDing**: DingTalk
*   **WeChat**: WeChat
*   **QQ**: Tencent QQ
*   **SecurityService**: security service
*   **Microsoft**: Microsoft
*   **Amazon**: Amazon Web Services (AWS)
*   **Pan**: cloud disk
*   **Map**: map
*   **Code**: code hosting
*   **SystemService**: system service
*   **Taobao**: Taobao
*   **Google**: Google
*   **ThirdPartyService**: third-party service
*   **FirstFlow**: the first time when an outbound connection is initiated
*   **Downloader**: malicious download
*   **Alexa Top1M**: popular website
*   **Miner**: mining pool
*   **Intelligence**: threat intelligence
*   **DDoS**: DDoS trojan
*   **Ransomware**: ransomware
*   **Spyware**: spyware
*   **Rogue**: rogue software
*   **Botnet**: botnet
*   **Suspicious**: suspicious website
*   **C\\\\&C**: command and control (C\\\\&C)
*   **Gang**: gang
*   **CVE**: Common Vulnerabilities and Exposures (CVE)
*   **Backdoor**: webshell
*   **Phishing**: phishing website
*   **APT**: advanced persistent threat (APT) attack
*   **Supply Chain Attack**: supply chain attack
*   **Malicious software**: malware', example='AliYun'),
}

model DescribeOutgoingDomainResponseBody = {
  domainList?: [ 
    {
      aclCoverage?: string(name='AclCoverage', description='Indicates whether an access control policy is configured. Valid values:

*   **Uncovered**: no
*   **FullCoverage**: yes', example='Uncovered'),
      aclRecommendDetail?: string(name='AclRecommendDetail', description='The suggestion in an access control policy.', example='Allows the traffic.'),
      aclStatus?: string(name='AclStatus', description='The state of the access control policy. Valid values:

*   **normal**: healthy
*   **abnormal**: unhealthy', example='Normal'),
      addressGroupName?: string(name='AddressGroupName', description='The name of the address book.', example='The address book for outbound connections'),
      addressGroupUUID?: string(name='AddressGroupUUID', description='The UUID of the address book.', example='fdad-fdafa-dafa-dfa****'),
      applicationNameList?: [ string ](name='ApplicationNameList', description='The application names.'),
      assetCount?: long(name='AssetCount', description='The outbound asset count.', example='20'),
      business?: string(name='Business', description='The website service.', example='Alibaba Cloud'),
      categoryClassId?: string(name='CategoryClassId', description='The type of the tag. Valid values:

*   **Suspicious**
*   **Malicious**
*   **Trusted**', example='Trusted'),
      categoryId?: string(name='CategoryId', description='The type ID of the service to which the domain name belongs. Valid values:

*   **Aliyun**: Alibaba Cloud services
*   **NotAliyun**: third-party services', example='Aliyun'),
      categoryName?: string(name='CategoryName', description='The type of the service to which the domain name belongs. Valid values:

*   **Alibaba Cloud services**
*   **Third-party services**', example='Alibaba Cloud services'),
      domain?: string(name='Domain', description='The domain name in outbound connections.', example='www.aliyundoc.com'),
      groupName?: string(name='GroupName', description='The name of the group to which the access control policy belongs.', example='Group of addresses in outbound connections'),
      hasAcl?: string(name='HasAcl', description='Indicates whether an `access control policy` is configured for the domain name. Valid values:

*   **true**: yes
*   **false**: no', example='true'),
      hasAclRecommend?: boolean(name='HasAclRecommend', description='Indicates whether an access control policy is recommended. Valid values:

*   **true**: yes
*   **false**: no', example='true'),
      inBytes?: long(name='InBytes', description='The volume of inbound traffic.', example='3214'),
      isMarkNormal?: boolean(name='IsMarkNormal', description='Indicates whether the domain name is marked as normal. Valid values:

*   **true**: normal
*   **false**: abnormal', example='true'),
      organization?: string(name='Organization', description='The name of the organization.', example='Alibaba Cloud Computing Co., Ltd.'),
      outBytes?: long(name='OutBytes', description='The volume of outbound traffic.', example='4582'),
      privateAssetCount?: long(name='PrivateAssetCount', description='The outbound private asset count.', example='20'),
      ruleId?: string(name='RuleId', description='The ID of the access control policy.', example='add-dfadf-f****'),
      ruleName?: string(name='RuleName', description='The name of the access control policy.', example='Default rule'),
      securityReason?: string(name='SecurityReason', description='The reason why the domain name is secure.', example='Intelligent policy: The destination domain name belongs to Alibaba Cloud Computing Co., Ltd. The domain name mainly provides services for Alibaba Cloud. No security risks are found, and you can add the domain name to the whitelist.'),
      securitySuggest?: string(name='SecuritySuggest', description='The suggestion to handle the traffic of the domain name in outbound connections. Valid values:

*   **pass**: allow
*   **alert**: monitor
*   **drop**: deny', example='pass'),
      sessionCount?: long(name='SessionCount', description='The number of requests.', example='12'),
      tagList?: [ 
        {
          classId?: string(name='ClassId', description='The type of the tag. Valid values:

*   **Suspicious**
*   **Malicious**
*   **Trusted**', example='Trusted'),
          riskLevel?: int32(name='RiskLevel', description='The risk level. Valid values:

*   **1**: low
*   **2**: medium
*   **3**: high', example='3'),
          tagDescribe?: string(name='TagDescribe', description='The description of the tag.', example='Tag indicating that the domain name is added to the whitelist'),
          tagId?: string(name='TagId', description='The ID of the tag.', example='AliYun'),
          tagName?: string(name='TagName', description='The name of the tag.', example='Tag indicating that the domain name is added to the whitelist'),
        }
      ](name='TagList', description='An array that consists of tags.'),
      totalBytes?: string(name='TotalBytes', description='The total volume of traffic. Unit: bytes.', example='800'),
    }
  ](name='DomainList', description='The domain names in outbound connections.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='F0F82705-CFC7-5F83-86C8-A063892F****'),
  totalCount?: int32(name='TotalCount', description='The total number of the domain names in outbound connections.', example='132'),
}

model DescribeOutgoingDomainResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DescribeOutgoingDomainResponseBody(name='body'),
}

/**
 * @summary Queries the information about the domain names in outbound connections.
 *
 * @param request DescribeOutgoingDomainRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DescribeOutgoingDomainResponse
 */
async function describeOutgoingDomainWithOptions(request: DescribeOutgoingDomainRequest, runtime: Util.RuntimeOptions): DescribeOutgoingDomainResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.categoryId)) {
    query['CategoryId'] = request.categoryId;
  }
  if (!Util.isUnset(request.currentPage)) {
    query['CurrentPage'] = request.currentPage;
  }
  if (!Util.isUnset(request.domain)) {
    query['Domain'] = request.domain;
  }
  if (!Util.isUnset(request.endTime)) {
    query['EndTime'] = request.endTime;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.order)) {
    query['Order'] = request.order;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.publicIP)) {
    query['PublicIP'] = request.publicIP;
  }
  if (!Util.isUnset(request.sort)) {
    query['Sort'] = request.sort;
  }
  if (!Util.isUnset(request.startTime)) {
    query['StartTime'] = request.startTime;
  }
  if (!Util.isUnset(request.tagIdNew)) {
    query['TagIdNew'] = request.tagIdNew;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DescribeOutgoingDomain',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries the information about the domain names in outbound connections.
 *
 * @param request DescribeOutgoingDomainRequest
 * @return DescribeOutgoingDomainResponse
 */
async function describeOutgoingDomain(request: DescribeOutgoingDomainRequest): DescribeOutgoingDomainResponse {
  var runtime = new Util.RuntimeOptions{};
  return describeOutgoingDomainWithOptions(request, runtime);
}

model DescribePolicyAdvancedConfigRequest {
  lang?: string(name='Lang', description='The natural language of the request and response. Valid values:

*   **zh**: Chinese (default)
*   **en**: English', example='zh'),
  sourceIp?: string(name='SourceIp', description='The source IP address of the request.', example='192.0.XX.XX', deprecated=true),
}

model DescribePolicyAdvancedConfigResponseBody = {
  internetSwitch?: string(name='InternetSwitch', description='Indicates whether the strict mode is enabled for the access control policy. Valid values:

*   **on**: The strict mode is enabled.
*   **off**: The strict mode is disabled.', example='off'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='850A84D6-0DE4-4797-A1E8-00090125EEB1'),
}

model DescribePolicyAdvancedConfigResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DescribePolicyAdvancedConfigResponseBody(name='body'),
}

/**
 * @summary Queries whether the strict mode is enabled for an access control policy.
 *
 * @description You can call the DescribePolicyAdvancedConfig operation to query whether the strict mode is enabled for an access control policy.  
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request DescribePolicyAdvancedConfigRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DescribePolicyAdvancedConfigResponse
 */
async function describePolicyAdvancedConfigWithOptions(request: DescribePolicyAdvancedConfigRequest, runtime: Util.RuntimeOptions): DescribePolicyAdvancedConfigResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.sourceIp)) {
    query['SourceIp'] = request.sourceIp;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DescribePolicyAdvancedConfig',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries whether the strict mode is enabled for an access control policy.
 *
 * @description You can call the DescribePolicyAdvancedConfig operation to query whether the strict mode is enabled for an access control policy.  
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request DescribePolicyAdvancedConfigRequest
 * @return DescribePolicyAdvancedConfigResponse
 */
async function describePolicyAdvancedConfig(request: DescribePolicyAdvancedConfigRequest): DescribePolicyAdvancedConfigResponse {
  var runtime = new Util.RuntimeOptions{};
  return describePolicyAdvancedConfigWithOptions(request, runtime);
}

model DescribePolicyPriorUsedRequest {
  direction?: string(name='Direction', description='The direction of the traffic to which the access control policy applies.

Valid values:

*   **in**: inbound.
*   **out**: outbound.

This parameter is required.', example='in'),
  ipVersion?: string(name='IpVersion', description='The IP version of the asset that is protected by Cloud Firewall.

Valid values:

*   **4** (default): IPv4.
*   **6**: IPv6.', example='6'),
  lang?: string(name='Lang', description='The language of the content within the request and response.

Valid values:

*   **zh** (default)
*   **en**', example='zh'),
  sourceIp?: string(name='SourceIp', description='The source IP address of the request.', example='192.0.XX.XX', deprecated=true),
}

model DescribePolicyPriorUsedResponseBody = {
  end?: int32(name='End', description='The lowest priority of existing access control policies.

>  The value -1 indicates the lowest priority.', example='150'),
  requestId?: string(name='RequestId', description='The request ID.', example='CBF1E9B7-D6A0-4E9E-AD3E-2B47E6C2837D'),
  start?: int32(name='Start', description='The highest priority of existing access control policies.

>  The value 0 indicates the highest priority.', example='-1'),
}

model DescribePolicyPriorUsedResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DescribePolicyPriorUsedResponseBody(name='body'),
}

/**
 * @summary Queries the priority range of access control policies.
 *
 * @description You can call this operation to query the priority range of the access control policies that match specific query conditions.
 * ## [](#qps-)Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request DescribePolicyPriorUsedRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DescribePolicyPriorUsedResponse
 */
async function describePolicyPriorUsedWithOptions(request: DescribePolicyPriorUsedRequest, runtime: Util.RuntimeOptions): DescribePolicyPriorUsedResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.direction)) {
    query['Direction'] = request.direction;
  }
  if (!Util.isUnset(request.ipVersion)) {
    query['IpVersion'] = request.ipVersion;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.sourceIp)) {
    query['SourceIp'] = request.sourceIp;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DescribePolicyPriorUsed',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries the priority range of access control policies.
 *
 * @description You can call this operation to query the priority range of the access control policies that match specific query conditions.
 * ## [](#qps-)Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request DescribePolicyPriorUsedRequest
 * @return DescribePolicyPriorUsedResponse
 */
async function describePolicyPriorUsed(request: DescribePolicyPriorUsedRequest): DescribePolicyPriorUsedResponse {
  var runtime = new Util.RuntimeOptions{};
  return describePolicyPriorUsedWithOptions(request, runtime);
}

model DescribePostpayTrafficDetailRequest {
  currentPage?: long(name='CurrentPage', description='The page number. Default value: 1.', example='1'),
  endTime?: string(name='EndTime', description='The end of the time range to query. Specify a value in the YYYYMMDD format.

This parameter is required.', example='20230130'),
  lang?: string(name='Lang', description='The language of the content within the request and response. Valid values:

*   **zh** (default): Chinese
*   **en**: English', example='zh'),
  order?: string(name='Order', description='The field based on which you want to sort the query results. Valid values:

*   **resourceId**
*   **trafficDay**', example='resourceId'),
  pageSize?: long(name='PageSize', description='The number of entries per page. Default value: 10. Maximum value: 50.', example='10'),
  regionNo?: string(name='RegionNo', description='The region ID.', example='cn-beijing'),
  searchItem?: string(name='SearchItem', description='The instance ID or the IP address of the asset.', example='192.0.XX.XX'),
  startTime?: string(name='StartTime', description='The beginning of the time range to query. Specify a value in the YYYYMMDD format.

This parameter is required.', example='20230101'),
  trafficType?: string(name='TrafficType', description='The traffic type. This parameter is required. Valid values:

*   **EIP_TRAFFIC**: traffic for the Internet firewall.
*   **NatGateway_TRAFFIC**: traffic for NAT firewalls.
*   **VPC_TRAFFIC**: traffic for virtual private cloud (VPC) firewalls.

This parameter is required.', example='EIP_TRAFFIC'),
}

model DescribePostpayTrafficDetailResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='0525EADE-C112-5702-A5BC-0E2F6F94DB23'),
  totalCount?: int32(name='TotalCount', description='The total number of entries returned.', example='132'),
  trafficList?: [ 
    {
      inBytes?: long(name='InBytes', description='The inbound network throughput, which indicates the total number of bytes that are received Unit: bytes.', example='1115096939'),
      instanceId?: string(name='InstanceId', description='The instance ID of the asset.', example='i-8vb2d7c9mtn0bo9qcraq'),
      instanceType?: string(name='InstanceType', description='The asset type. This value takes effect only for the Internet firewall.', example='EcsPublicIP'),
      outBytes?: long(name='OutBytes', description='The outbound network throughput, which indicates the total number of bytes that are sent. Unit: bytes.', example='100000000'),
      protectionDuration?: long(name='ProtectionDuration', description='Protection duration. Unit: hours.', example='20'),
      regionNo?: string(name='RegionNo', description='The region ID.', example='cn-beijing'),
      resourceId?: string(name='ResourceId', description='The resource ID. The resource ID for the Internet firewall is the public IP address that is protected the Internet firewall, and the resource ID for a NAT firewall is the instance ID of the NAT firewall.', example='39.106.146.214'),
      totalBytes?: long(name='TotalBytes', description='The total inbound and outbound network throughput, which indicates the total number of bytes that are received and sent. Unit: bytes.', example='1215096939'),
      trafficDay?: string(name='TrafficDay', description='The date on which the statistics are collected.', example='20231001'),
      trafficType?: string(name='TrafficType', description='The traffic type. Valid values:

*   **EIP_TRAFFIC**: traffic for the Internet firewall
*   **NatGateway_TRAFFIC**: traffic for NAT firewalls
*   **VPC_TRAFFIC**: traffic for VPC firewalls', example='EIP_TRAFFIC'),
    }
  ](name='TrafficList', description='The statistics on traffic.'),
}

model DescribePostpayTrafficDetailResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DescribePostpayTrafficDetailResponseBody(name='body'),
}

/**
 * @summary Queries the details of traffic billed based on the pay-as-you-go billing method.
 *
 * @description If you use Cloud Firewall that uses the pay-as-you-go billing method, you can call this operation to query traffic details accurate to the granularity of specific resource instances. If you use Cloud Firewall that uses the subscription billing method, you can call this operation to query the overall traffic details.
 *
 * @param request DescribePostpayTrafficDetailRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DescribePostpayTrafficDetailResponse
 */
async function describePostpayTrafficDetailWithOptions(request: DescribePostpayTrafficDetailRequest, runtime: Util.RuntimeOptions): DescribePostpayTrafficDetailResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.currentPage)) {
    query['CurrentPage'] = request.currentPage;
  }
  if (!Util.isUnset(request.endTime)) {
    query['EndTime'] = request.endTime;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.order)) {
    query['Order'] = request.order;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.regionNo)) {
    query['RegionNo'] = request.regionNo;
  }
  if (!Util.isUnset(request.searchItem)) {
    query['SearchItem'] = request.searchItem;
  }
  if (!Util.isUnset(request.startTime)) {
    query['StartTime'] = request.startTime;
  }
  if (!Util.isUnset(request.trafficType)) {
    query['TrafficType'] = request.trafficType;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DescribePostpayTrafficDetail',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries the details of traffic billed based on the pay-as-you-go billing method.
 *
 * @description If you use Cloud Firewall that uses the pay-as-you-go billing method, you can call this operation to query traffic details accurate to the granularity of specific resource instances. If you use Cloud Firewall that uses the subscription billing method, you can call this operation to query the overall traffic details.
 *
 * @param request DescribePostpayTrafficDetailRequest
 * @return DescribePostpayTrafficDetailResponse
 */
async function describePostpayTrafficDetail(request: DescribePostpayTrafficDetailRequest): DescribePostpayTrafficDetailResponse {
  var runtime = new Util.RuntimeOptions{};
  return describePostpayTrafficDetailWithOptions(request, runtime);
}

model DescribePostpayTrafficTotalRequest {
  lang?: string(name='Lang', description='The language of the content within the response. Valid values:

*   **zh** (default): Chinese
*   **en**: English', example='zh'),
}

model DescribePostpayTrafficTotalResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='826B6280-9704-5643-97B1-6B47AC3F027A'),
  totalAssets?: long(name='TotalAssets', description='The total number of assets protected all types of firewalls.', example='132'),
  totalBillTraffic?: long(name='TotalBillTraffic', description='The volume of burstable protected traffic for which fees are generated. Unit: bytes.', example='2320274874426'),
  totalInternetAssets?: long(name='TotalInternetAssets', description='The total number of assets protected by the Internet firewall.', example='128'),
  totalInternetTraffic?: long(name='TotalInternetTraffic', description='The total traffic for the Internet firewall. If you use Cloud Firewall that uses the subscription billing method, this parameter indicates the total volume of burstable protected traffic on the Internet boundary. Unit: bytes.', example='2320274874426'),
  totalNatAssets?: long(name='TotalNatAssets', description='The total number of assets protected by NAT firewalls.', example='1'),
  totalNatTraffic?: long(name='TotalNatTraffic', description='The total traffic for NAT firewalls. If you use Cloud Firewall that uses the subscription billing method, this parameter indicates the total volume of burstable protected traffic on the NAT boundary. Unit: bytes.', example='560646279'),
  totalSdlBillTraffic?: long(name='TotalSdlBillTraffic', description='Data Leak Detection Total Fee Flow.', example='22879916142'),
  totalSdlFreeTraffic?: long(name='TotalSdlFreeTraffic', description='Data Leak Detection Total free usage traffic.', example='0'),
  totalTraffic?: long(name='TotalTraffic', description='The total volume of traffic. If you use Cloud Firewall that uses the subscription billing method, this parameter indicates the total volume of burstable protected traffic. Unit: bytes.', example='2320274874426'),
  totalVpcAssets?: long(name='TotalVpcAssets', description='The total number of assets protected by virtual private cloud (VPC) firewalls.', example='3'),
  totalVpcTraffic?: long(name='TotalVpcTraffic', description='The total traffic for VPC firewalls. If you use Cloud Firewall that uses the subscription billing method, this parameter indicates the total volume of burstable protected traffic on the VPC boundary. Unit: bytes.', example='2320274874426'),
}

model DescribePostpayTrafficTotalResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DescribePostpayTrafficTotalResponseBody(name='body'),
}

/**
 * @summary Queries the total volume of traffic that is billed based on the pay-as-you-go billing method, including all firewalls within the current account.
 *
 * @description You can call this operation to query statistics of the current Cloud Firewall from the date of purchase.
 *
 * @param request DescribePostpayTrafficTotalRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DescribePostpayTrafficTotalResponse
 */
async function describePostpayTrafficTotalWithOptions(request: DescribePostpayTrafficTotalRequest, runtime: Util.RuntimeOptions): DescribePostpayTrafficTotalResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DescribePostpayTrafficTotal',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries the total volume of traffic that is billed based on the pay-as-you-go billing method, including all firewalls within the current account.
 *
 * @description You can call this operation to query statistics of the current Cloud Firewall from the date of purchase.
 *
 * @param request DescribePostpayTrafficTotalRequest
 * @return DescribePostpayTrafficTotalResponse
 */
async function describePostpayTrafficTotal(request: DescribePostpayTrafficTotalRequest): DescribePostpayTrafficTotalResponse {
  var runtime = new Util.RuntimeOptions{};
  return describePostpayTrafficTotalWithOptions(request, runtime);
}

model DescribePrefixListsRequest {
  regionNo?: string(name='RegionNo', description='The region ID of the instance.

This parameter is required.', example='cn-shenzhen'),
  sourceIp?: string(name='SourceIp', description='The source IP address of the request.', example='47.100.XX.XX'),
}

model DescribePrefixListsResponseBody = {
  prefixList?: [ 
    {
      addressFamily?: string(name='AddressFamily', description='The IP address family of the prefix list. Valid values:

*   IPv4
*   IPv6', example='IPv4'),
      associationCount?: int32(name='AssociationCount', description='The number of associated resources.', example='2'),
      creationTime?: string(name='CreationTime', description='The creation time.', example='2023-10-16T08:31:06Z'),
      description?: string(name='Description', description='The description.', example='TCP_14900-14911'),
      maxEntries?: int32(name='MaxEntries', description='The maximum number of entries in the prefix list.', example='20'),
      prefixListId?: string(name='PrefixListId', description='The ID of the prefix list.', example='pl-uf64nco3ujjqchx6aaji'),
      prefixListName?: string(name='PrefixListName', description='The name of the prefix list.', example='participant-name'),
    }
  ](name='PrefixList', description='Details about the prefix lists.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='67FD76C2-C493-5815-8107-643FD7AB77C7'),
}

model DescribePrefixListsResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DescribePrefixListsResponseBody(name='body'),
}

/**
 * @summary Queries prefix lists.
 *
 * @param request DescribePrefixListsRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DescribePrefixListsResponse
 */
async function describePrefixListsWithOptions(request: DescribePrefixListsRequest, runtime: Util.RuntimeOptions): DescribePrefixListsResponse {
  Util.validateModel(request);
  var query = OpenApiUtil.query(Util.toMap(request));
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DescribePrefixLists',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'GET',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries prefix lists.
 *
 * @param request DescribePrefixListsRequest
 * @return DescribePrefixListsResponse
 */
async function describePrefixLists(request: DescribePrefixListsRequest): DescribePrefixListsResponse {
  var runtime = new Util.RuntimeOptions{};
  return describePrefixListsWithOptions(request, runtime);
}

model DescribeRiskEventGroupRequest {
  attackApp?: [ string ](name='AttackApp', description='The names of attacked applications. Set the value in the `["AttackApp1","AttackApp2"]` format.', example='["MySql","DNS"]'),
  attackType?: string(name='AttackType', description='The attack type of the intrusion events. Valid values:

*   **1**: suspicious connection
*   **2**: command execution
*   **3**: brute-force attack
*   **4**: scanning
*   **5**: others
*   **6**: information leak
*   **7**: DoS attack
*   **8**: buffer overflow attack
*   **9**: web attack
*   **10**: trojan backdoor
*   **11**: computer worm
*   **12**: mining
*   **13**: reverse shell

> If you do not specify this parameter, the intrusion events of all attack types are queried.', example='1'),
  buyVersion?: long(name='BuyVersion', description='The edition of Cloud Firewall that you purchase. Valid values:

*   **2**: Premium Edition
*   **3**: Enterprise Edition
*   **4**: Ultimate Edition
*   **10**: Cloud Firewall that uses the pay-as-you-go billing method', example='10'),
  currentPage?: string(name='CurrentPage', description='The number of the page to return. Default value: **1**.', example='1'),
  dataType?: string(name='DataType', description='The type of the risk events.\\\\
Set the value to **session**, which indicates intrusion events.

This parameter is required.', example='session'),
  direction?: string(name='Direction', description='The direction of the traffic for the intrusion events. Valid values:

*   **in**: inbound
*   **out**: outbound

> If you do not specify this parameter, the intrusion events that are recorded for both inbound and outbound traffic are queried.', example='in'),
  dstIP?: string(name='DstIP', description='The destination IP address to query. If you specify this parameter, all intrusion events with the specified destination IP address are queried.', example='192.0.XX.XX'),
  dstNetworkInstanceId?: string(name='DstNetworkInstanceId', description='The ID of the destination VPC.

> If the FirewallType parameter is set to VpcFirewall, you must specify this parameter.', example='vpc-uf6e9a9zyokj2ywuo****'),
  endTime?: string(name='EndTime', description='The end of the time range to query. The value is a UNIX timestamp. Unit: seconds.

This parameter is required.', example='1534408267'),
  eventName?: string(name='EventName', description='The name of the intrusion event.', example='Webshell communication'),
  firewallType?: string(name='FirewallType', description='The type of the firewall. Valid values:

*   **VpcFirewall**: virtual private cloud (VPC) firewall
*   **InternetFirewall**: Internet firewall (default)', example='InternetFirewall'),
  isOnlyPrivateAssoc?: string(name='IsOnlyPrivateAssoc', description='Whether to query only the data that has completed private network tracing.', example='true'),
  lang?: string(name='Lang', description='The language of the content within the request and response. Valid values:

*   **zh**: Chinese (default)
*   **en**: English', example='zh'),
  noLocation?: string(name='NoLocation', description='Specifies whether to query the information about the geographical locations of IP addresses.

*   **true**: does not query the information about the geographical locations of IP addresses.
*   **false**: queries the information about the geographical locations of IP addresses. This is the default value.', example='false'),
  order?: string(name='Order', description='The order in which you want to sort the results. Valid values:

*   **asc**: the ascending order.
*   **desc**: the descending order. This is the default value.', example='desc'),
  pageSize?: string(name='PageSize', description='The number of entries to return on each page.

Default value: **6**. Maximum value: **10**.', example='6'),
  ruleResult?: string(name='RuleResult', description='The status of the firewall. Valid values:

*   **1**: alerting
*   **2**: blocking

> If you do not specify this parameter, all intrusion events that are detected by the firewall are queried, regardless of the firewall status.', example='1'),
  ruleSource?: string(name='RuleSource', description='The module of the rule that is used to detect the intrusion events. Valid values:

*   **1**: basic protection
*   **2**: virtual patching
*   **4**: threat intelligence

> If you do not specify this parameter, the intrusion events that are detected by all rules are queried.', example='1'),
  sort?: string(name='Sort', description='The field based on which you want to sort the results. Valid values:

*   **VulLevel**: The results are sorted based on the risk level field. This is the default value.
*   **LastTime**: The results are sorted based on the most recent occurrence time.', example='LastTime'),
  srcIP?: string(name='SrcIP', description='The source IP address to query. If you specify this parameter, all intrusion events with the specified source IP address are queried.', example='192.0.XX.XX'),
  srcNetworkInstanceId?: string(name='SrcNetworkInstanceId', description='The ID of the source VPC.

> If the FirewallType parameter is set to VpcFirewall, you must specify this parameter.', example='vpc-uf6e9a9zyokj2ywuo****'),
  startTime?: string(name='StartTime', description='The beginning of the time range to query. The value is a UNIX timestamp. Unit: seconds.

This parameter is required.', example='1534408189'),
  vulLevel?: string(name='VulLevel', description='The risk level of the intrusion events. Valid values:

*   **1**: low
*   **2**: medium
*   **3**: high

> If you do not specify this parameter, the intrusion events that are at all risk levels are queried.', example='1'),
}

model DescribeRiskEventGroupResponseBody = {
  dataList?: [ 
    {
      attackApp?: string(name='AttackApp', description='The name of the attacked application.', example='MySql'),
      attackType?: int32(name='AttackType', description='The attack type of the intrusion event. Valid values:

*   **1**: suspicious connection
*   **2**: command execution
*   **3**: brute-force attack
*   **4**: scanning
*   **5**: others
*   **6**: information leak
*   **7**: DoS attack
*   **8**: buffer overflow attack
*   **9**: web attack
*   **10**: trojan backdoor
*   **11**: computer worm
*   **12**: mining
*   **13**: reverse shell', example='1'),
      description?: string(name='Description', description='The description of the intrusion event.', example='Path traversal attacks are detected in the web access requests over HTTP.'),
      direction?: string(name='Direction', description='The direction of the traffic for the intrusion event. Valid values:

*   **in**: inbound
*   **out**: outbound', example='in'),
      dstIP?: string(name='DstIP', description='The destination IP address that is included in the intrusion event.', example='192.0.XX.XX'),
      eventCount?: int32(name='EventCount', description='The number of intrusion events.', example='100'),
      eventId?: string(name='EventId', description='The ID of the intrusion event.', example='2b58efae-4c4b-4d96-9544-a586fb1f****'),
      eventName?: string(name='EventName', description='The name of the intrusion event.', example='Path traversal attack'),
      firstEventTime?: int32(name='FirstEventTime', description='The time when the intrusion event was first detected. The value is a UNIX timestamp. Unit: seconds.', example='1534408189'),
      IPLocationInfo?: {
        cityId?: string(name='CityId', description='The ID of the city to which the IP address belongs.', example='510100'),
        cityName?: string(name='CityName', description='The name of the city to which the IP address belongs.', example='Chengdu, Sichuan Province'),
        countryId?: string(name='CountryId', description='The ID of the country to which the IP address belongs.', example='CN'),
        countryName?: string(name='CountryName', description='The name of the country to which the IP address belongs.', example='China'),
      }(name='IPLocationInfo', description='The geographical information about the IP address. The value is a struct that contains the following parameters: **CityId**, **CityName**, **CountryId**, and **CountryName**.\\\\
****************'),
      lastEventTime?: int32(name='LastEventTime', description='The time when the intrusion event was last detected. The value is a UNIX timestamp. Unit: seconds.', example='1534408267'),
      resourcePrivateIPList?: [ 
        {
          regionNo?: string(name='RegionNo', description='The ID of the region to which the private IP address belongs.', example='cn-hangzhou'),
          resourceInstanceId?: string(name='ResourceInstanceId', description='The ID of the instance that uses the private IP address.', example='i-wz92jf4scg2zb74p****'),
          resourceInstanceName?: string(name='ResourceInstanceName', description='The name of the instance that uses the private IP address.', example='LD-shenzhen-zy****'),
          resourcePrivateIP?: string(name='ResourcePrivateIP', description='The private IP address.', example='10.255.XX.XX'),
        }
      ](name='ResourcePrivateIPList', description='The information about the private IP address in the intrusion event. The value is an array that contains the following parameters: **RegionNo**, **ResourceInstanceId**, **ResourceInstanceName**, and **ResourcePrivateIP**.\\\\
****************'),
      resourceType?: string(name='ResourceType', description='The type of the public IP address in the intrusion event. Valid values:

*   **EIP**: the elastic IP address (EIP)
*   **EcsPublicIP**: the public IP address of an Elastic Compute Service (ECS) instance
*   **EcsEIP**: the EIP of an ECS instance
*   **NatPublicIP**: the public IP address of a NAT gateway
*   **NatEIP**: the EIP of a NAT gateway', example='EcsPublicIP'),
      ruleId?: string(name='RuleId', description='The ID of the rule that is used to detect the intrusion event.', example='1000****'),
      ruleResult?: int32(name='RuleResult', description='The status of the firewall. Valid values:

*   **1**: alerting
*   **2**: blocking', example='2'),
      ruleSource?: int32(name='RuleSource', description='The module of the rule that is used to detect the intrusion event. Valid values:

*   **1**: basic protection
*   **2**: virtual patching
*   **4**: threat intelligence', example='1'),
      srcIP?: string(name='SrcIP', description='The source IP address that is included in the intrusion event.', example='192.0.XX.XX'),
      srcIPTag?: string(name='SrcIPTag', description='The tag added to the source IP address. The tag helps identify whether the source IP address is a back-to-origin IP address for a cloud service.', example='WAF Back-to-origin Address'),
      srcPrivateIPList?: [ string ](name='SrcPrivateIPList', description='An array that consists of the source private IP addresses in the intrusion event.'),
      tag?: string(name='Tag', description='The tag added to the threat intelligence that is provided for major events.', example='Threat intelligence provided for major events'),
      vpcDstInfo?: {
        ecsInstanceId?: string(name='EcsInstanceId', description='The ID of the ECS instance.', example='i-wz92jf4scg2zb74p****'),
        ecsInstanceName?: string(name='EcsInstanceName', description='The name of the ECS instance.', example='LD-shenzhen-zy****'),
        networkInstanceId?: string(name='NetworkInstanceId', description='The ID of the VPC.', example='vpc-uf6e9a9zyokj2ywuo****'),
        networkInstanceName?: string(name='NetworkInstanceName', description='The name of the VPC.', example='VPC-SH-TX****'),
        regionNo?: string(name='RegionNo', description='The ID of the region in which the destination VPC resides.', example='cn-hangzhou'),
      }(name='VpcDstInfo', description='The information about the destination VPC of the intrusion event. The value is a struct that contains the following parameters: **EcsInstanceId**, **EcsInstanceName**, **NetworkInstanceId**, **NetworkInstanceName**, and **RegionNo**.\\\\
********************'),
      vpcSrcInfo?: {
        ecsInstanceId?: string(name='EcsInstanceId', description='The ID of the ECS instance.', example='i-wz92jf4scg2zb74p****'),
        ecsInstanceName?: string(name='EcsInstanceName', description='The name of the ECS instance.', example='LD-shenzhen-zy****'),
        networkInstanceId?: string(name='NetworkInstanceId', description='The ID of the VPC.', example='vpc-uf6e9a9zyokj2ywuo****'),
        networkInstanceName?: string(name='NetworkInstanceName', description='The name of the VPC.', example='VPC-SH-TX****'),
        regionNo?: string(name='RegionNo', description='The ID of the region in which the source VPC resides.', example='cn-hangzhou'),
      }(name='VpcSrcInfo', description='The information about the source VPC of the intrusion event. The value is a struct that contains the following parameters: **EcsInstanceId**, **EcsInstanceName**, **NetworkInstanceId**, **NetworkInstanceName**, and **RegionNo**.\\\\
********************'),
      vulLevel?: int32(name='VulLevel', description='The risk level of the intrusion event. Valid values:

*   **1**: low
*   **2**: medium
*   **3**: high', example='1'),
    }
  ](name='DataList', description='An array that consists of the details of the intrusion events.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='B14757D0-4640-4B44-AC67-7F558FE7E6EF'),
  totalCount?: int32(name='TotalCount', description='The total number of risk events.', example='20'),
}

model DescribeRiskEventGroupResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DescribeRiskEventGroupResponseBody(name='body'),
}

/**
 * @summary Queries the details of intrusion events.
 *
 * @description You can call the DescribeRiskEventGroup operation to query and download the details of intrusion events. We recommend that you query the details of 5 to 10 intrusion events at a time. If you do not need to query the geographical information about IP addresses, you can set the NoLocation parameter to true to prevent query timeout.
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request DescribeRiskEventGroupRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DescribeRiskEventGroupResponse
 */
async function describeRiskEventGroupWithOptions(request: DescribeRiskEventGroupRequest, runtime: Util.RuntimeOptions): DescribeRiskEventGroupResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.attackApp)) {
    query['AttackApp'] = request.attackApp;
  }
  if (!Util.isUnset(request.attackType)) {
    query['AttackType'] = request.attackType;
  }
  if (!Util.isUnset(request.buyVersion)) {
    query['BuyVersion'] = request.buyVersion;
  }
  if (!Util.isUnset(request.currentPage)) {
    query['CurrentPage'] = request.currentPage;
  }
  if (!Util.isUnset(request.dataType)) {
    query['DataType'] = request.dataType;
  }
  if (!Util.isUnset(request.direction)) {
    query['Direction'] = request.direction;
  }
  if (!Util.isUnset(request.dstIP)) {
    query['DstIP'] = request.dstIP;
  }
  if (!Util.isUnset(request.dstNetworkInstanceId)) {
    query['DstNetworkInstanceId'] = request.dstNetworkInstanceId;
  }
  if (!Util.isUnset(request.endTime)) {
    query['EndTime'] = request.endTime;
  }
  if (!Util.isUnset(request.eventName)) {
    query['EventName'] = request.eventName;
  }
  if (!Util.isUnset(request.firewallType)) {
    query['FirewallType'] = request.firewallType;
  }
  if (!Util.isUnset(request.isOnlyPrivateAssoc)) {
    query['IsOnlyPrivateAssoc'] = request.isOnlyPrivateAssoc;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.noLocation)) {
    query['NoLocation'] = request.noLocation;
  }
  if (!Util.isUnset(request.order)) {
    query['Order'] = request.order;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.ruleResult)) {
    query['RuleResult'] = request.ruleResult;
  }
  if (!Util.isUnset(request.ruleSource)) {
    query['RuleSource'] = request.ruleSource;
  }
  if (!Util.isUnset(request.sort)) {
    query['Sort'] = request.sort;
  }
  if (!Util.isUnset(request.srcIP)) {
    query['SrcIP'] = request.srcIP;
  }
  if (!Util.isUnset(request.srcNetworkInstanceId)) {
    query['SrcNetworkInstanceId'] = request.srcNetworkInstanceId;
  }
  if (!Util.isUnset(request.startTime)) {
    query['StartTime'] = request.startTime;
  }
  if (!Util.isUnset(request.vulLevel)) {
    query['VulLevel'] = request.vulLevel;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DescribeRiskEventGroup',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries the details of intrusion events.
 *
 * @description You can call the DescribeRiskEventGroup operation to query and download the details of intrusion events. We recommend that you query the details of 5 to 10 intrusion events at a time. If you do not need to query the geographical information about IP addresses, you can set the NoLocation parameter to true to prevent query timeout.
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request DescribeRiskEventGroupRequest
 * @return DescribeRiskEventGroupResponse
 */
async function describeRiskEventGroup(request: DescribeRiskEventGroupRequest): DescribeRiskEventGroupResponse {
  var runtime = new Util.RuntimeOptions{};
  return describeRiskEventGroupWithOptions(request, runtime);
}

model DescribeRiskEventPayloadRequest {
  dstIP?: string(name='DstIP', description='The destination IP address to query. If you specify this parameter, all intrusion events with the specified destination IP address are queried.', example='203.0.113.2'),
  dstVpcId?: string(name='DstVpcId', description='The ID of the destination VPC to query. If you specify this parameter, all intrusion events that contain the specified ID of the destination VPC are queried.', example='vpc-uf6jr1klwqb60dyn2****'),
  endTime?: string(name='EndTime', description='The end of the time range to query. The value is a timestamp. Unit: seconds.

This parameter is required.', example='1681288980'),
  firewallType?: string(name='FirewallType', description='The type of the firewall. Valid values:

*   **VpcFirewall**: virtual private cloud (VPC) firewall
*   **InternetFirewall** (default): Internet firewall', example='InternetFirewall'),
  publicIP?: string(name='PublicIP', description='The public IP address. If you specify this parameter, all intrusion events that contain the specified public IP address are queried.', example='203.0.113.3'),
  srcIP?: string(name='SrcIP', description='The source IP address to query. If you specify this parameter, all intrusion events from the specified source IP address are queried.', example='203.0.113.1'),
  srcVpcId?: string(name='SrcVpcId', description='The ID of the source VPC to query. If you specify this parameter, all intrusion events that contain the specified ID of the source VPC are queried.', example='vpc-wz9j2lqyo15udw5nt****'),
  startTime?: string(name='StartTime', description='The beginning of the time range to query. The value is a timestamp. Unit: seconds.

This parameter is required.', example='1669533617'),
  UUID?: string(name='UUID', description='The UUID of the intrusion event.

This parameter is required.', example='e62c25e0-1073-46bd-9567-b8f12b3d****'),
}

model DescribeRiskEventPayloadResponseBody = {
  dstIP?: string(name='DstIP', description='The destination IP address of the intrusion event.', example='203.0.113.1'),
  dstPort?: int32(name='DstPort', description='The destination port of the intrusion event.', example='8080'),
  dstVpcId?: string(name='DstVpcId', description='The destination VPC ID of the intrusion event.', example='vpc-bp10w5nb30r4jzfyc****'),
  hitContentType?: int32(name='HitContentType', description='Type of the hit.', example='1'),
  hitTo?: int32(name='HitTo', description='The position where the hit ends.', example='67'),
  parsedContent?: string(name='ParsedContent', description='Hit payload.', example='2f636f6d706f7365722f73656e645f656d61696c3f746f3d6d61667740776f66736f7961792675726c3d687474703a2f2f302e302e302e303a31323334352f692f6431366530312f313664622f673670772f'),
  payload?: string(name='Payload', description='The attack payload of the intrusion event.', example='302902010004067075626c6963a01c0204036a5f43020100020100300e300c06082b060102010101000500'),
  payloadLen?: int32(name='PayloadLen', description='The length of the attack payload of the intrusion event.', example='457'),
  proto?: string(name='Proto', description='The protocol type of intrusion event. Valid values:

*   **TCP**
*   **UDP**', example='TCP'),
  realIp?: string(name='RealIp', description='The HTTP X-Real-IP field.', example='203.0.113.3'),
  requestId?: string(name='RequestId', description='The request ID.', example='68055BA4-D8BD-5611-AC49-C651E619A12E'),
  srcIP?: string(name='SrcIP', description='The source IP address of the intrusion event.', example='203.0.113.2'),
  srcPort?: int32(name='SrcPort', description='The source port of the intrusion event.', example='54360'),
  srcVpcId?: string(name='SrcVpcId', description='The source VPC ID of the intrusion event.', example='vpc-t4nlt09olhpazpoeg****'),
  XForwardFor?: string(name='XForwardFor', description='The HTTP X-Forwarded-For field.', example='203.0.113.4'),
}

model DescribeRiskEventPayloadResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DescribeRiskEventPayloadResponseBody(name='body'),
}

/**
 * @summary Queries the attack payloads of intrusion events.
 *
 * @param request DescribeRiskEventPayloadRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DescribeRiskEventPayloadResponse
 */
async function describeRiskEventPayloadWithOptions(request: DescribeRiskEventPayloadRequest, runtime: Util.RuntimeOptions): DescribeRiskEventPayloadResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.dstIP)) {
    query['DstIP'] = request.dstIP;
  }
  if (!Util.isUnset(request.dstVpcId)) {
    query['DstVpcId'] = request.dstVpcId;
  }
  if (!Util.isUnset(request.endTime)) {
    query['EndTime'] = request.endTime;
  }
  if (!Util.isUnset(request.firewallType)) {
    query['FirewallType'] = request.firewallType;
  }
  if (!Util.isUnset(request.publicIP)) {
    query['PublicIP'] = request.publicIP;
  }
  if (!Util.isUnset(request.srcIP)) {
    query['SrcIP'] = request.srcIP;
  }
  if (!Util.isUnset(request.srcVpcId)) {
    query['SrcVpcId'] = request.srcVpcId;
  }
  if (!Util.isUnset(request.startTime)) {
    query['StartTime'] = request.startTime;
  }
  if (!Util.isUnset(request.UUID)) {
    query['UUID'] = request.UUID;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DescribeRiskEventPayload',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries the attack payloads of intrusion events.
 *
 * @param request DescribeRiskEventPayloadRequest
 * @return DescribeRiskEventPayloadResponse
 */
async function describeRiskEventPayload(request: DescribeRiskEventPayloadRequest): DescribeRiskEventPayloadResponse {
  var runtime = new Util.RuntimeOptions{};
  return describeRiskEventPayloadWithOptions(request, runtime);
}

model DescribeSignatureLibVersionResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='9C50C2A9-4BBB-5504-8ADA-C41A79B8C946'),
  totalCount?: int32(name='TotalCount', description='The total number of entries returned.', example='132'),
  version?: [ 
    {
      type?: string(name='Type', description='The type.

Valid values:

*   ips

    <!-- -->

    :

    <!-- -->

    Basic Rules and Virtual Patching

    <!-- -->

    .

*   intelligence

    <!-- -->

    :

    <!-- -->

    Threat Intelligence

    <!-- -->', example='ips'),
      updateTime?: long(name='UpdateTime'),
      version?: string(name='Version', description='The version number.', example='IPS-2307-02'),
    }
  ](name='Version', description='The information about the versions.'),
}

model DescribeSignatureLibVersionResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DescribeSignatureLibVersionResponseBody(name='body'),
}

/**
 * @summary Queries the information about signature library versions.
 *
 * @param request DescribeSignatureLibVersionRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DescribeSignatureLibVersionResponse
 */
async function describeSignatureLibVersionWithOptions(runtime: Util.RuntimeOptions): DescribeSignatureLibVersionResponse {
  var req = new OpenApi.OpenApiRequest{};
  var params = new OpenApi.Params{
    action = 'DescribeSignatureLibVersion',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'GET',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries the information about signature library versions.
 *
 * @return DescribeSignatureLibVersionResponse
 */
async function describeSignatureLibVersion(): DescribeSignatureLibVersionResponse {
  var runtime = new Util.RuntimeOptions{};
  return describeSignatureLibVersionWithOptions(runtime);
}

model DescribeTrFirewallPolicyBackUpAssociationListRequest {
  candidateList?: [ 
    {
      candidateId?: string(name='CandidateId', description='The ID of the traffic redirection instance.', example='vpc-wz9grb8ng3y7h7lf2****'),
      candidateType?: string(name='CandidateType', description='The type of the traffic redirection instance.', example='VPC'),
    }
  ](name='CandidateList', description='The traffic redirection instances.'),
  firewallId?: string(name='FirewallId', description='The instance ID of the VPC firewall.', example='vfw-tr-8b268ce1b26e4c68****'),
  lang?: string(name='Lang', description='The language of the content within the response. Valid values:

*   **zh** (default): Chinese
*   **en**: English', example='zh'),
  trFirewallRoutePolicyId?: string(name='TrFirewallRoutePolicyId', description='The ID of the routing policy.', example='policy-5dcafb12ff794a56****'),
}

model DescribeTrFirewallPolicyBackUpAssociationListShrinkRequest {
  candidateListShrink?: string(name='CandidateList', description='The traffic redirection instances.'),
  firewallId?: string(name='FirewallId', description='The instance ID of the VPC firewall.', example='vfw-tr-8b268ce1b26e4c68****'),
  lang?: string(name='Lang', description='The language of the content within the response. Valid values:

*   **zh** (default): Chinese
*   **en**: English', example='zh'),
  trFirewallRoutePolicyId?: string(name='TrFirewallRoutePolicyId', description='The ID of the routing policy.', example='policy-5dcafb12ff794a56****'),
}

model DescribeTrFirewallPolicyBackUpAssociationListResponseBody = {
  policyAssociationBackupConfigs?: [ 
    {
      candidateId?: string(name='CandidateId', description='The ID of the traffic redirection instance.', example='vpc-wz9grb8ng3y7h7lf2****'),
      candidateName?: string(name='CandidateName', description='The name of the traffic redirection instance.', example='test'),
      candidateType?: string(name='CandidateType', description='The type of the traffic redirection instance.', example='VPC'),
      currentRouteTableId?: string(name='CurrentRouteTableId', description='The route table that is used after traffic redirection.', example='vtb-wz9898grickmh5j09****'),
      originalRouteTableId?: string(name='OriginalRouteTableId', description='The ID of the route table.', example='vtb-wz9slp3s7m4qrzvnq****'),
    }
  ](name='PolicyAssociationBackupConfigs', description='The route tables.'),
  requestId?: string(name='RequestId', description='The request ID.', example='C264A756-9B48-57E3-B312-716941E146C6'),
}

model DescribeTrFirewallPolicyBackUpAssociationListResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DescribeTrFirewallPolicyBackUpAssociationListResponseBody(name='body'),
}

/**
 * @summary Queries information about the transit routers that are associated with a virtual private cloud (VPC) firewall created for a transit router.
 *
 * @param tmpReq DescribeTrFirewallPolicyBackUpAssociationListRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DescribeTrFirewallPolicyBackUpAssociationListResponse
 */
async function describeTrFirewallPolicyBackUpAssociationListWithOptions(tmpReq: DescribeTrFirewallPolicyBackUpAssociationListRequest, runtime: Util.RuntimeOptions): DescribeTrFirewallPolicyBackUpAssociationListResponse {
  Util.validateModel(tmpReq);
  var request = new DescribeTrFirewallPolicyBackUpAssociationListShrinkRequest{};
  OpenApiUtil.convert(tmpReq, request);
  if (!Util.isUnset(tmpReq.candidateList)) {
    request.candidateListShrink = OpenApiUtil.arrayToStringWithSpecifiedStyle(tmpReq.candidateList, 'CandidateList', 'json');
  }
  var query = {};
  if (!Util.isUnset(request.candidateListShrink)) {
    query['CandidateList'] = request.candidateListShrink;
  }
  if (!Util.isUnset(request.firewallId)) {
    query['FirewallId'] = request.firewallId;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.trFirewallRoutePolicyId)) {
    query['TrFirewallRoutePolicyId'] = request.trFirewallRoutePolicyId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DescribeTrFirewallPolicyBackUpAssociationList',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries information about the transit routers that are associated with a virtual private cloud (VPC) firewall created for a transit router.
 *
 * @param request DescribeTrFirewallPolicyBackUpAssociationListRequest
 * @return DescribeTrFirewallPolicyBackUpAssociationListResponse
 */
async function describeTrFirewallPolicyBackUpAssociationList(request: DescribeTrFirewallPolicyBackUpAssociationListRequest): DescribeTrFirewallPolicyBackUpAssociationListResponse {
  var runtime = new Util.RuntimeOptions{};
  return describeTrFirewallPolicyBackUpAssociationListWithOptions(request, runtime);
}

model DescribeTrFirewallV2RoutePolicyListRequest {
  currentPage?: int32(name='CurrentPage', description='The page number. Default value: 1.', example='1'),
  firewallId?: string(name='FirewallId', description='The instance ID of the VPC firewall.', example='vfw-tr-d5ba592ac6c84aff****'),
  lang?: string(name='Lang', description='The language of the content within the response. Valid values:

*   **zh**: Chinese (default)
*   **en**: English', example='zh'),
  pageSize?: int32(name='PageSize', description='The number of entries per page. Default value: 10.', example='10'),
  policyId?: string(name='PolicyId', description='The ID of the routing policy.', example='policy-7b66257c14e141fb****'),
}

model DescribeTrFirewallV2RoutePolicyListResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='95EB5F3A-67FE-5780-92BD-5ECBA772AB7E'),
  totalCount?: string(name='TotalCount', description='The total number of entries returned.', example='1'),
  trFirewallRoutePolicies?: [ 
    {
      destCandidateList?: [ 
        {
          candidateId?: string(name='CandidateId', description='The ID of the secondary traffic redirection instance.', example='vpc-2ze9epancaw8t4sha****'),
          candidateType?: string(name='CandidateType', description='The type of the secondary traffic redirection instance.', example='VPC'),
        }
      ](name='DestCandidateList', description='The secondary traffic redirection instances.'),
      policyDescription?: string(name='PolicyDescription', description='The description of the routing policy.', example='test'),
      policyName?: string(name='PolicyName', description='The name of the routing policy.', example='TEST_VPC_FW'),
      policyStatus?: string(name='PolicyStatus', description='The status of the routing policy. Valid values:

*   creating: The policy is being created.
*   deleting: The policy is being deleted.
*   opening: The policy is being enabled.
*   opened: The policy is enabled.
*   closing: The policy is being disabled.
*   closed: The policy is disabled.', example='opened'),
      policyType?: string(name='PolicyType', description='The type of the traffic redirection scenario of the VPC firewall. Valid values:

*   **fullmesh**: interconnected instances
*   **one_to_one**: instance to instance
*   **end_to_end**: instance to instances', example='fullmesh'),
      srcCandidateList?: [ 
        {
          candidateId?: string(name='CandidateId', description='The ID of the primary traffic redirection instance.', example='vpc-2ze9epancaw8t4sha****'),
          candidateType?: string(name='CandidateType', description='The type of the primary traffic redirection instance.', example='VPC'),
        }
      ](name='SrcCandidateList', description='The primary traffic redirection instances.'),
      trFirewallRoutePolicyId?: string(name='TrFirewallRoutePolicyId', description='The ID of the routing policy.', example='policy-7b66257c14e141fb****'),
    }
  ](name='TrFirewallRoutePolicies', description='The routing policies.'),
}

model DescribeTrFirewallV2RoutePolicyListResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DescribeTrFirewallV2RoutePolicyListResponseBody(name='body'),
}

/**
 * @summary Queries the routing policies of a virtual private cloud (VPC) firewall that is created for a transit router.
 *
 * @param request DescribeTrFirewallV2RoutePolicyListRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DescribeTrFirewallV2RoutePolicyListResponse
 */
async function describeTrFirewallV2RoutePolicyListWithOptions(request: DescribeTrFirewallV2RoutePolicyListRequest, runtime: Util.RuntimeOptions): DescribeTrFirewallV2RoutePolicyListResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.currentPage)) {
    query['CurrentPage'] = request.currentPage;
  }
  if (!Util.isUnset(request.firewallId)) {
    query['FirewallId'] = request.firewallId;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.policyId)) {
    query['PolicyId'] = request.policyId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DescribeTrFirewallV2RoutePolicyList',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries the routing policies of a virtual private cloud (VPC) firewall that is created for a transit router.
 *
 * @param request DescribeTrFirewallV2RoutePolicyListRequest
 * @return DescribeTrFirewallV2RoutePolicyListResponse
 */
async function describeTrFirewallV2RoutePolicyList(request: DescribeTrFirewallV2RoutePolicyListRequest): DescribeTrFirewallV2RoutePolicyListResponse {
  var runtime = new Util.RuntimeOptions{};
  return describeTrFirewallV2RoutePolicyListWithOptions(request, runtime);
}

model DescribeTrFirewallsV2DetailRequest {
  firewallId?: string(name='FirewallId', description='The instance ID of the VPC firewall.', example='vfw-tr-a5a6b89f46764928****'),
  lang?: string(name='Lang', description='The language of the content within the response. Valid values:

*   **zh**: Chinese (default)
*   **en**: English', example='zh'),
}

model DescribeTrFirewallsV2DetailResponseBody = {
  cenId?: string(name='CenId', description='The ID of the Cloud Enterprise Network (CEN) instance.', example='cen-37nddhri7jf0d2****'),
  firewallDescription?: string(name='FirewallDescription', description='The description of the VPC firewall.', example='VPC Firewall'),
  firewallEniId?: string(name='FirewallEniId', description='The ID of the Elastic Network Interface (ENI) with which the VPC firewall is associated.', example='eni-uf621u00nafypeex****'),
  firewallEniVpcId?: string(name='FirewallEniVpcId', description='The ID of the VPC to which the ENI is attached.', example='vpc-2zeppcci782zeh2bk****'),
  firewallEniVswitchId?: string(name='FirewallEniVswitchId', description='The ID of the vSwitch with which the ENI is associated.', example='vsw-uf6ptq1kl1c1d9pw9****'),
  firewallId?: string(name='FirewallId', description='The instance ID of the VPC firewall.', example='vfw-tr-9c7c711abdfa4d80****'),
  firewallName?: string(name='FirewallName', description='The name of the VPC firewall.', example='cloudfirewall-manual'),
  firewallStatus?: string(name='FirewallStatus', description='The status of the VPC firewall. Valid values:

*   Creating
*   Deleting
*   Ready', example='Ready'),
  firewallSubnetCidr?: string(name='FirewallSubnetCidr', description='The subnet CIDR block of the VPC in which the ENI of the firewall is stored in automatic mode.', example='10.0.1.0/24'),
  firewallSwitchStatus?: string(name='FirewallSwitchStatus', description='The status of the VPC firewall. Valid values:

*   **opened**: The VPC firewall is enabled.
*   **closed**: The VPC firewall is disabled.
*   **notconfigured**: The VPC firewall is not created.
*   **configured**: The VPC firewall is created but is not enabled.
*   **creating**: The VPC firewall is being created.
*   **opening**: The VPC firewall is being enabled.
*   **deleting**: The VPC firewall is being deleted.

> If you do not specify this parameter, VPC firewalls in all states are queried.', example='opened'),
  firewallVpcCidr?: string(name='FirewallVpcCidr', description='The CIDR block that is allocated to the VPC created for the VPC firewall in automatic mode.', example='10.0.0.0/16'),
  regionNo?: string(name='RegionNo', description='The region ID of the transit router.', example='cn-shanghai'),
  requestId?: string(name='RequestId', description='The request ID.', example='7E53A7FB-3EB9-5E33-8E50-B8F417D1E02B'),
  routeMode?: string(name='RouteMode', description='The routing mode of the VPC firewall. Valid values:

*   **managed**: automatic mode
*   **manual**: manual mode', example='managed'),
  trAttachmentMasterCidr?: string(name='TrAttachmentMasterCidr', description='The primary subnet CIDR block that the VPC uses to connect to the transit router in automatic mode.', example='10.0.2.0/24'),
  trAttachmentMasterZone?: string(name='TrAttachmentMasterZone'),
  trAttachmentSlaveCidr?: string(name='TrAttachmentSlaveCidr', description='The secondary subnet CIDR block that the VPC uses to connect to the transit router in automatic mode.', example='10.0.3.0/24'),
  trAttachmentSlaveZone?: string(name='TrAttachmentSlaveZone'),
  transitRouterId?: string(name='TransitRouterId', description='The ID of the transit router.', example='tr-wz9y8sgug8b1xb416****'),
}

model DescribeTrFirewallsV2DetailResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DescribeTrFirewallsV2DetailResponseBody(name='body'),
}

/**
 * @summary Queries the details of the virtual private cloud (VPC) firewalls that are created for transit routers.
 *
 * @param request DescribeTrFirewallsV2DetailRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DescribeTrFirewallsV2DetailResponse
 */
async function describeTrFirewallsV2DetailWithOptions(request: DescribeTrFirewallsV2DetailRequest, runtime: Util.RuntimeOptions): DescribeTrFirewallsV2DetailResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.firewallId)) {
    query['FirewallId'] = request.firewallId;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DescribeTrFirewallsV2Detail',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries the details of the virtual private cloud (VPC) firewalls that are created for transit routers.
 *
 * @param request DescribeTrFirewallsV2DetailRequest
 * @return DescribeTrFirewallsV2DetailResponse
 */
async function describeTrFirewallsV2Detail(request: DescribeTrFirewallsV2DetailRequest): DescribeTrFirewallsV2DetailResponse {
  var runtime = new Util.RuntimeOptions{};
  return describeTrFirewallsV2DetailWithOptions(request, runtime);
}

model DescribeTrFirewallsV2ListRequest {
  cenId?: string(name='CenId', description='The ID of the Cloud Enterprise Network (CEN) instance.', example='cen-rig0t5zi96crkl****'),
  currentPage?: int32(name='CurrentPage', description='The page number. Default value: **1**.', example='1'),
  firewallId?: string(name='FirewallId', description='The instance ID of the VPC firewall.', example='vfw-tr-f1799baa9e254651****'),
  firewallName?: string(name='FirewallName', description='The name of the VPC firewall.', example='test'),
  firewallSwitchStatus?: string(name='FirewallSwitchStatus', description='The status of the VPC firewall. Valid values:

*   **opened**: The VPC firewall is enabled.
*   **closed**: The VPC firewall is disabled.
*   **notconfigured**: The VPC firewall is not created.
*   **configured**: The VPC firewall is created but is not enabled.
*   **creating**: The VPC firewall is being created.
*   **opening**: The VPC firewall is being enabled.
*   **deleting**: The VPC firewall is being deleted.

>  If you do not specify this parameter, VPC firewalls in all states are queried.', example='opened'),
  lang?: string(name='Lang', description='The language of the content within the response. Valid values:

*   **zh**: Chinese (default)
*   **en**: English', example='zh'),
  ownerId?: string(name='OwnerId'),
  pageSize?: int32(name='PageSize', description='The number of entries per page. Default value: 10.', example='10'),
  regionNo?: string(name='RegionNo', description='The region ID of the transit router.', example='cn-hangzhou'),
  routeMode?: string(name='RouteMode', description='The routing mode of the VPC firewall. Valid values:

*   **managed**: automatic mode
*   **manual**: manual mode

>  If you do not specify this parameter, VPC firewalls in all routing modes are queried.', example='managed'),
  transitRouterId?: string(name='TransitRouterId', description='The ID of the transit router.', example='tr-uf6egtvyaedvt20xl****'),
}

model DescribeTrFirewallsV2ListResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='1471E2EC-F706-5F11-A79B-BD583ACB8297'),
  totalCount?: string(name='TotalCount', description='The total number of entries returned.', example='6'),
  vpcTrFirewalls?: [ 
    {
      aclConfig?: {
        strictMode?: int32(name='StrictMode'),
      }(name='AclConfig'),
      cenId?: string(name='CenId', description='The ID of the CEN instance.', example='cen-03f8s0z052ka3v****'),
      cenName?: string(name='CenName', description='The name of the CEN instance.', example='cen_swas'),
      cloudFirewallVpcOrderType?: string(name='CloudFirewallVpcOrderType', description='The party responsible for the TR fees generated by the VPC firewall. Values:

- **PayByCloudFirewall**: Fees are borne by the Cloud Firewall.
- **PayByCenOwner**: Fees are borne by the account to which the CEN instance belongs.', example='PayByCenOwner'),
      firewallId?: string(name='FirewallId', description='The instance ID of the VPC firewall.', example='vfw-tr-99bc4f0fc88b4d00****'),
      firewallSwitchStatus?: string(name='FirewallSwitchStatus', description='The status of the VPC firewall. Valid values:

*   **opened**: The VPC firewall is enabled.
*   **closed**: The VPC firewall is disabled.
*   **notconfigured**: The VPC firewall is not created.
*   **configured**: The VPC firewall is created but is not enabled.
*   **creating**: The VPC firewall is being created.
*   **opening**: The VPC firewall is being enabled.
*   **deleting**: The VPC firewall is being deleted.

>  If you do not specify this parameter, VPC firewalls in all states are queried.', example='opened'),
      ipsConfig?: {
        basicRules?: int32(name='BasicRules', description='Indicates whether basic protection is enabled. Valid values:

*   **1**: yes
*   **0**: no', example='1'),
        enableAllPatch?: int32(name='EnableAllPatch', description='Indicates whether virtual patching is enabled. Valid values:

*   **1**: yes
*   **0**: no', example='1'),
        ruleClass?: int32(name='RuleClass', description='The level of the rule group for the IPS. Valid values:

*   **1**: loose.
*   **2**: medium.
*   **3**: strict.', example='3'),
        runMode?: int32(name='RunMode', description='The mode of the IPS. Valid values:

*   **1**: block mode
*   **0**: monitor mode', example='1'),
      }(name='IpsConfig', description='The intrusion prevention system (IPS) configurations.'),
      ownerId?: long(name='OwnerId', description='The ID of the Alibaba Cloud account to which the VPC belongs.', example='171761785151****'),
      precheckStatus?: string(name='PrecheckStatus', description='Indicates whether the VPC firewall can be automatically enabled. Valid values:

*   **passed**: yes
*   **failed**: no
*   **unknown**', example='passed'),
      protectedResource?: {
        count?: int32(name='Count', description='The number of protected resources.', example='1'),
        ecrList?: [ string ](name='EcrList', description='The protected express connect routers.'),
        peerTrList?: [ string ](name='PeerTrList', description='The protected peer transit routers.'),
        vbrList?: [ string ](name='VbrList', description='The protected virtual border routers (VBRs).'),
        vpcList?: [ string ](name='VpcList', description='The protected VPCs.'),
        vpnList?: [ string ](name='VpnList', description='The protected VPN gateways.'),
      }(name='ProtectedResource', description='The protected resources.'),
      regionNo?: string(name='RegionNo', description='The region ID of the transit router.', example='cn-hangzhou'),
      regionStatus?: string(name='RegionStatus', description='Indicates whether you can create a VPC firewall in a specified region. Valid values:

*   **enable**: yes
*   **disable**: no', example='enable'),
      resultCode?: string(name='ResultCode', description='The result code of the operation that creates the VPC firewall. Valid values:

*   **RegionDisable**: VPC Firewall is not supported in the region of the network instance. You cannot create a VPC firewall for the network instance.
*   **Empty string**: You can create a VPC firewall for the network instance.', example='RegionDisable'),
      routeMode?: string(name='RouteMode', description='The routing mode of the VPC firewall. Valid values:

*   **managed**: automatic mode
*   **manual**: manual mode', example='managed'),
      transitRouterId?: string(name='TransitRouterId', description='The ID of the transit router.', example='tr-2vcmhjs88nil55fvu****'),
      unprotectedResource?: {
        count?: int32(name='Count', description='The number of unprotected resources.', example='1'),
        ecrList?: [ string ](name='EcrList', description='The unprotected express connect routers.'),
        peerTrList?: [ string ](name='PeerTrList', description='The unprotected peer transit routers.'),
        vbrList?: [ string ](name='VbrList', description='The unprotected VBRs.'),
        vpcList?: [ string ](name='VpcList', description='The unprotected VPCs.'),
        vpnList?: [ string ](name='VpnList', description='The unprotected VPN gateways.'),
      }(name='UnprotectedResource', description='The unprotected resources.'),
      vpcFirewallName?: string(name='VpcFirewallName', description='The instance name of the VPC firewall.', example='test'),
    }
  ](name='VpcTrFirewalls', description='The information about the VPC firewalls.'),
}

model DescribeTrFirewallsV2ListResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DescribeTrFirewallsV2ListResponseBody(name='body'),
}

/**
 * @summary Queries the virtual private cloud (VPC) firewalls that are created for transit routers.
 *
 * @param request DescribeTrFirewallsV2ListRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DescribeTrFirewallsV2ListResponse
 */
async function describeTrFirewallsV2ListWithOptions(request: DescribeTrFirewallsV2ListRequest, runtime: Util.RuntimeOptions): DescribeTrFirewallsV2ListResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.cenId)) {
    query['CenId'] = request.cenId;
  }
  if (!Util.isUnset(request.currentPage)) {
    query['CurrentPage'] = request.currentPage;
  }
  if (!Util.isUnset(request.firewallId)) {
    query['FirewallId'] = request.firewallId;
  }
  if (!Util.isUnset(request.firewallName)) {
    query['FirewallName'] = request.firewallName;
  }
  if (!Util.isUnset(request.firewallSwitchStatus)) {
    query['FirewallSwitchStatus'] = request.firewallSwitchStatus;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.ownerId)) {
    query['OwnerId'] = request.ownerId;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.regionNo)) {
    query['RegionNo'] = request.regionNo;
  }
  if (!Util.isUnset(request.routeMode)) {
    query['RouteMode'] = request.routeMode;
  }
  if (!Util.isUnset(request.transitRouterId)) {
    query['TransitRouterId'] = request.transitRouterId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DescribeTrFirewallsV2List',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries the virtual private cloud (VPC) firewalls that are created for transit routers.
 *
 * @param request DescribeTrFirewallsV2ListRequest
 * @return DescribeTrFirewallsV2ListResponse
 */
async function describeTrFirewallsV2List(request: DescribeTrFirewallsV2ListRequest): DescribeTrFirewallsV2ListResponse {
  var runtime = new Util.RuntimeOptions{};
  return describeTrFirewallsV2ListWithOptions(request, runtime);
}

model DescribeTrFirewallsV2RouteListRequest {
  currentPage?: string(name='CurrentPage', description='The page number. Default value: 1.', example='1'),
  firewallId?: string(name='FirewallId', description='The instance ID of the virtual private cloud (VPC) firewall.', example='vfw-tr-8bcfa0f2f12d411e****'),
  lang?: string(name='Lang', description='The language of the content within the response. Valid values:

*   **zh** (default): Chinese
*   **en**: English', example='zh'),
  pageSize?: string(name='PageSize', description='The number of entries per page. Default value: 10.', example='10'),
  trFirewallRoutePolicyId?: string(name='TrFirewallRoutePolicyId', description='The ID of the routing policy.', example='policy-7d5c672e37ee4175****'),
}

model DescribeTrFirewallsV2RouteListResponseBody = {
  firewallRouteDetailList?: [ 
    {
      trFirewallRouteDestination?: string(name='TrFirewallRouteDestination', description='The destination address of the route.', example='192.168.10.0/25'),
      trFirewallRouteNexthop?: string(name='TrFirewallRouteNexthop', description='The ID of the next hop for the route.', example='tr-attach-hnxab1y0pxn16p****'),
      trFirewallRoutePolicyId?: string(name='TrFirewallRoutePolicyId', description='The ID of the routing policy.', example='policy-04ecbbc6720d4f90****'),
      trFirewallRouteTableId?: string(name='TrFirewallRouteTableId', description='The ID of the route table to which the route entry belongs.', example='vtb-2zeockxxxorv0mnhz****'),
    }
  ](name='FirewallRouteDetailList', description='The route tables of Cloud Firewall.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='ABF190A2-B4D0-53F6-995A-5690A721F91C'),
}

model DescribeTrFirewallsV2RouteListResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DescribeTrFirewallsV2RouteListResponseBody(name='body'),
}

/**
 * @summary Queries the route tables of the VPC firewalls that are created for transit routers.
 *
 * @param request DescribeTrFirewallsV2RouteListRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DescribeTrFirewallsV2RouteListResponse
 */
async function describeTrFirewallsV2RouteListWithOptions(request: DescribeTrFirewallsV2RouteListRequest, runtime: Util.RuntimeOptions): DescribeTrFirewallsV2RouteListResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.currentPage)) {
    query['CurrentPage'] = request.currentPage;
  }
  if (!Util.isUnset(request.firewallId)) {
    query['FirewallId'] = request.firewallId;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.trFirewallRoutePolicyId)) {
    query['TrFirewallRoutePolicyId'] = request.trFirewallRoutePolicyId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DescribeTrFirewallsV2RouteList',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries the route tables of the VPC firewalls that are created for transit routers.
 *
 * @param request DescribeTrFirewallsV2RouteListRequest
 * @return DescribeTrFirewallsV2RouteListResponse
 */
async function describeTrFirewallsV2RouteList(request: DescribeTrFirewallsV2RouteListRequest): DescribeTrFirewallsV2RouteListResponse {
  var runtime = new Util.RuntimeOptions{};
  return describeTrFirewallsV2RouteListWithOptions(request, runtime);
}

model DescribeUserAssetIPTrafficInfoRequest {
  assetIP?: string(name='AssetIP', description='The IP address of the asset.

This parameter is required.', example='192.0.XX.XX'),
  lang?: string(name='Lang', description='The language of the content within the response. Valid values:

*   **zh** (default): Chinese
*   **en**: English', example='zh'),
  trafficTime?: string(name='TrafficTime', description='The time range to query. The value is a UNIX timestamp. Unit: seconds.

This parameter is required.', example='1656923760'),
}

model DescribeUserAssetIPTrafficInfoResponseBody = {
  endTime?: long(name='EndTime', description='The end of the time range to query. The value is a UNIX timestamp. Unit: seconds.', example='1656923760'),
  inBps?: long(name='InBps', description='The network throughput, which indicates the inbound traffic rate. Unit: bit/s.', example='4520'),
  inPps?: long(name='InPps', description='The inbound network throughput, which indicates the number of packets that are sent inbound per second. Unit: packets per second (pps).', example='233'),
  newConn?: long(name='NewConn', description='The new connection creation rate.', example='43'),
  outBps?: long(name='OutBps', description='The network throughput, which indicates the outbound traffic rate. Unit: bit/s.', example='4180'),
  outPps?: long(name='OutPps', description='The outbound network throughput, which indicates the number of packets that are sent outbound per second. Unit: pps.', example='224'),
  requestId?: string(name='RequestId', description='The request ID.', example='F0F82705-CFC7-5F83-86C8-A063892F****'),
  sessionCount?: long(name='SessionCount', description='The number of requests.', example='50'),
  startTime?: long(name='StartTime', description='The beginning of the time range to query. The value is a UNIX timestamp. Unit: seconds.', example='1656837360'),
}

model DescribeUserAssetIPTrafficInfoResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DescribeUserAssetIPTrafficInfoResponseBody(name='body'),
}

/**
 * @summary Queries the information about the traffic of a specified asset that belongs to your Alibaba Cloud account.
 *
 * @param request DescribeUserAssetIPTrafficInfoRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DescribeUserAssetIPTrafficInfoResponse
 */
async function describeUserAssetIPTrafficInfoWithOptions(request: DescribeUserAssetIPTrafficInfoRequest, runtime: Util.RuntimeOptions): DescribeUserAssetIPTrafficInfoResponse {
  Util.validateModel(request);
  var query = OpenApiUtil.query(Util.toMap(request));
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DescribeUserAssetIPTrafficInfo',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'GET',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries the information about the traffic of a specified asset that belongs to your Alibaba Cloud account.
 *
 * @param request DescribeUserAssetIPTrafficInfoRequest
 * @return DescribeUserAssetIPTrafficInfoResponse
 */
async function describeUserAssetIPTrafficInfo(request: DescribeUserAssetIPTrafficInfoRequest): DescribeUserAssetIPTrafficInfoResponse {
  var runtime = new Util.RuntimeOptions{};
  return describeUserAssetIPTrafficInfoWithOptions(request, runtime);
}

model DescribeUserBuyVersionRequest {
  instanceId?: string(name='InstanceId', description='Instance ID. If the Instance ID is provided, the query will be based on this ID. If not provided, the latest instance will be queried by default.', example='cfw_elasticity_public_cn-*******'),
}

model DescribeUserBuyVersionResponseBody = {
  aliUid?: long(name='AliUid', description='The ID of the Alibaba Cloud account that is used to purchase Cloud Firewall.', example='119898001566xxxx'),
  expire?: long(name='Expire', description='The time when Cloud Firewall expires.

>  The value is a timestamp in milliseconds.

>  If you use Cloud Firewall that uses the pay-as-you-go billing method, ignore this parameter.', example='1726934400000'),
  instanceId?: string(name='InstanceId', description='The instance ID of Cloud Firewall.

>  If you use a trial of Cloud Firewall, ignore this parameter.', example='vipcloudfw-cn-xxxxx'),
  instanceStatus?: string(name='InstanceStatus', description='The status of Cloud Firewall. Valid values:

*   **normal**: Cloud Firewall is running as expected.
*   **init**: Cloud Firewall is being initialized.
*   **deleting**: Cloud Firewall is being deleted.
*   **abnormal**: An exception occurs in Cloud Firewall.
*   **free**: Cloud Firewall is invalid.', example='normal'),
  internetBandwidth?: long(name='InternetBandwidth', description='The peak Internet traffic that can be protected.', example='3000'),
  ipNumber?: long(name='IpNumber', description='The number of public IP addresses that can be protected.

>  This parameter takes effect only for Cloud Firewall that uses the subscription billing method.', example='63'),
  logStatus?: boolean(name='LogStatus', description='Indicates whether log delivery is enabled. Valid values:

*   **true**
*   **false**', example='true'),
  logStorage?: long(name='LogStorage', description='The log storage capacity.

>  This parameter takes effect only for Cloud Firewall that uses the subscription billing method.', example='3000'),
  maxOverflow?: long(name='MaxOverflow', description='The status of the burstable protected traffic feature. Valid values:

*   **1000000**: enabled.
*   **0**: disabled.

>  This parameter takes effect only for Cloud Firewall that uses the subscription billing method.', example='0'),
  natBandwidth?: long(name='NatBandwidth', description='The peak traffic of NAT private network that can be protected.', example='3000'),
  requestId?: string(name='RequestId', description='The request ID.', example='F71B03EE-xxxxx-91D79CC6AA1A'),
  startTime?: long(name='StartTime', description='The time when Cloud Firewall was activated.

>  The value is a timestamp in milliseconds.', example='1692504764000'),
  userStatus?: boolean(name='UserStatus', description='Indicates whether Cloud Firewall is valid. Valid values:

*   **true**
*   **false**', example='true'),
  version?: int32(name='Version', description='The edition of Cloud Firewall. Valid values:

*   **2**: Premium Edition.
*   **3**: Enterprise Edition.
*   **4**: Ultimate Edition.
*   **10**: Cloud Firewall that uses the pay-as-you-go billing method.', example='2'),
  vpcBandwidth?: long(name='VpcBandwidth', description='The peak cross-VPC traffic that can be protected.', example='3000'),
  vpcNumber?: long(name='VpcNumber', description='The number of virtual private clouds (VPCs) that can be protected.

>  This parameter takes effect only for Cloud Firewall that uses the subscription billing method.', example='21'),
}

model DescribeUserBuyVersionResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DescribeUserBuyVersionResponseBody(name='body'),
}

/**
 * @summary Queries the edition information about Cloud Firewall.
 *
 * @description You can call this operation to query the edition information about Cloud Firewall.
 * ## [](#qps-)Limits
 * You can call this operation up to 10 times per second per account. If the number of calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request DescribeUserBuyVersionRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DescribeUserBuyVersionResponse
 */
async function describeUserBuyVersionWithOptions(request: DescribeUserBuyVersionRequest, runtime: Util.RuntimeOptions): DescribeUserBuyVersionResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DescribeUserBuyVersion',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries the edition information about Cloud Firewall.
 *
 * @description You can call this operation to query the edition information about Cloud Firewall.
 * ## [](#qps-)Limits
 * You can call this operation up to 10 times per second per account. If the number of calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request DescribeUserBuyVersionRequest
 * @return DescribeUserBuyVersionResponse
 */
async function describeUserBuyVersion(request: DescribeUserBuyVersionRequest): DescribeUserBuyVersionResponse {
  var runtime = new Util.RuntimeOptions{};
  return describeUserBuyVersionWithOptions(request, runtime);
}

model DescribeUserIPSWhitelistRequest {
  lang?: string(name='Lang'),
  sourceIp?: string(name='SourceIp'),
}

model DescribeUserIPSWhitelistResponseBody = {
  ipv6Whitelists?: [ 
    {
      direction?: long(name='Direction'),
      listType?: long(name='ListType'),
      listValue?: string(name='ListValue'),
      whiteListValue?: [ string ](name='WhiteListValue'),
      whiteType?: long(name='WhiteType'),
    }
  ](name='Ipv6Whitelists'),
  requestId?: string(name='RequestId'),
  whitelists?: [ 
    {
      direction?: long(name='Direction'),
      listType?: long(name='ListType'),
      listValue?: string(name='ListValue'),
      whiteListValue?: [ string ](name='WhiteListValue'),
      whiteType?: long(name='WhiteType'),
    }
  ](name='Whitelists'),
}

model DescribeUserIPSWhitelistResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DescribeUserIPSWhitelistResponseBody(name='body'),
}

/**
 * @summary 获取用户IPS白名单
 *
 * @param request DescribeUserIPSWhitelistRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DescribeUserIPSWhitelistResponse
 */
async function describeUserIPSWhitelistWithOptions(request: DescribeUserIPSWhitelistRequest, runtime: Util.RuntimeOptions): DescribeUserIPSWhitelistResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.sourceIp)) {
    query['SourceIp'] = request.sourceIp;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DescribeUserIPSWhitelist',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary 获取用户IPS白名单
 *
 * @param request DescribeUserIPSWhitelistRequest
 * @return DescribeUserIPSWhitelistResponse
 */
async function describeUserIPSWhitelist(request: DescribeUserIPSWhitelistRequest): DescribeUserIPSWhitelistResponse {
  var runtime = new Util.RuntimeOptions{};
  return describeUserIPSWhitelistWithOptions(request, runtime);
}

model DescribeVpcFirewallAclGroupListRequest {
  currentPage?: string(name='CurrentPage', description='The number of the page to return. Default value: 1.', example='1'),
  firewallConfigureStatus?: string(name='FirewallConfigureStatus', description='Specifies whether VPC firewalls are configured. Valid values:

*   **notconfigured**: VPC firewalls are not configured.
*   **configured**: VPC firewalls are configured.
*   If you do not specify this parameter, the access control policies of all VPC firewalls are queried.', example='configured'),
  firewallId?: string(name='FirewallId'),
  lang?: string(name='Lang', description='The language of the content within the response. Valid values:

*   **zh**: Chinese (default)
*   **en**: English', example='zh'),
  pageSize?: string(name='PageSize', description='The number of entries to return on each page. Maximum value: 50.', example='10'),
}

model DescribeVpcFirewallAclGroupListResponseBody = {
  aclGroupList?: [ 
    {
      aclConfig?: {
        strictMode?: int32(name='StrictMode'),
      }(name='AclConfig'),
      aclGroupId?: string(name='AclGroupId', description='The ID of the policy group.

Valid values:

*   If the VPC firewall is used to protect a Cloud Enterprise Network (CEN) instance, the value of this parameter is the ID of the CEN instance.

    Example: cen-ervw0g12b5jbw\\\\*\\\\*\\\\*\\\\*

*   If the VPC firewall is used to protect an Express Connect circuit, the value of this parameter is the instance ID of the VPC firewall.

    Example: vfw-a42bbb7b887148c9\\\\*\\\\*\\\\*\\\\*', example='vfw-a42bbb7b887148c9****'),
      aclGroupName?: string(name='AclGroupName', description='The name of the policy group. Valid values:

*   If the VPC firewall is used to protect a CEN instance, the value of this parameter is the name of the CEN instance.
*   If the VPC firewall is used to protect an Express Connect circuit, the value of this parameter is the instance name of the VPC firewall.', example='group_test'),
      aclRuleCount?: int32(name='AclRuleCount', description='The number of access control policies in the policy group.', example='9'),
      isDefault?: boolean(name='IsDefault', description='是否是默认防火墙。取值：
- **true**：是默认防火墙。
- **false**：不是默认防火墙。', example='true'),
      memberUid?: string(name='MemberUid', description='The UID of the member that is managed by your Alibaba Cloud account.', example='258039427902****'),
    }
  ](name='AclGroupList', description='The information about the policy groups.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='CBF1E9B7-D6A0-4E9E-AD3E-2B47E6C2837D'),
  totalCount?: int32(name='TotalCount', description='The total number of the policy groups that are returned.', example='1'),
}

model DescribeVpcFirewallAclGroupListResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DescribeVpcFirewallAclGroupListResponseBody(name='body'),
}

/**
 * @summary Queries the information about all policy groups of access control policies that are created for virtual private cloud (VPC) firewalls.
 *
 * @description You can call the DescribeVpcFirewallAclGroupList operation to query the information about all policy groups of access control policies that are created for VPC firewalls.
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request DescribeVpcFirewallAclGroupListRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DescribeVpcFirewallAclGroupListResponse
 */
async function describeVpcFirewallAclGroupListWithOptions(request: DescribeVpcFirewallAclGroupListRequest, runtime: Util.RuntimeOptions): DescribeVpcFirewallAclGroupListResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.currentPage)) {
    query['CurrentPage'] = request.currentPage;
  }
  if (!Util.isUnset(request.firewallConfigureStatus)) {
    query['FirewallConfigureStatus'] = request.firewallConfigureStatus;
  }
  if (!Util.isUnset(request.firewallId)) {
    query['FirewallId'] = request.firewallId;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DescribeVpcFirewallAclGroupList',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries the information about all policy groups of access control policies that are created for virtual private cloud (VPC) firewalls.
 *
 * @description You can call the DescribeVpcFirewallAclGroupList operation to query the information about all policy groups of access control policies that are created for VPC firewalls.
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request DescribeVpcFirewallAclGroupListRequest
 * @return DescribeVpcFirewallAclGroupListResponse
 */
async function describeVpcFirewallAclGroupList(request: DescribeVpcFirewallAclGroupListRequest): DescribeVpcFirewallAclGroupListResponse {
  var runtime = new Util.RuntimeOptions{};
  return describeVpcFirewallAclGroupListWithOptions(request, runtime);
}

model DescribeVpcFirewallCenDetailRequest {
  lang?: string(name='Lang', description='The language of the content within the request and response. Valid values:

*   **zh**: Chinese (default)
*   **en**: English', example='zh'),
  networkInstanceId?: string(name='NetworkInstanceId', description='The ID of the VPC for which the VPC firewall is created.', example='vpc-2zefk9fbn8j7v585g****'),
  vpcFirewallId?: string(name='VpcFirewallId', description='The instance ID of the VPC firewall.

> You can call the [DescribeVpcFirewallCenList](https://help.aliyun.com/document_detail/345777.html) operation to query the instance IDs of VPC firewalls.

This parameter is required.', example='vfw-m5e7dbc4y****'),
}

model DescribeVpcFirewallCenDetailResponseBody = {
  connectType?: string(name='ConnectType', description='The connection type of the VPC firewall. The value is fixed as **cen**, which indicates CEN instances.', example='cen'),
  firewallSwitchStatus?: string(name='FirewallSwitchStatus', description='The status of the VPC firewall. Valid values:

*   **opened**: enabled
*   **closed**: disabled
*   **notconfigured**: not configured', example='opened'),
  firewallVpc?: {
    allowConfiguration?: int32(name='AllowConfiguration', description='Indicates whether you can specify a CIDR block when you create a VPC firewall for a Basic Edition transit router of a CEN instance. Valid values:

*   **1**: yes
*   **0**: no', example='0'),
    standbyZoneId?: string(name='StandbyZoneId', description='Firewall backup availability zone ID.', example='cn-hangzhou-k'),
    vpcCidr?: string(name='VpcCidr', description='The CIDR block of the VPC.', example='10.0.0.0/8'),
    vpcId?: string(name='VpcId', description='The VPC ID.', example='vpc-bp1245k5oagy2bp74****'),
    vswitchCidr?: string(name='VswitchCidr', description='The CIDR block of the vSwitch.', example='10.0.0.1/24'),
    vswitchId?: string(name='VswitchId', description='The vSwitch ID.', example='vsw-bp1sqg9wms9wxcs1****'),
    vswitchZoneId?: string(name='VswitchZoneId', description='The availability zone ID of the virtual switch.', example='cn-hangzhou-i'),
    zoneId?: string(name='ZoneId', description='The zone ID.', example='cn-hangzhou-i'),
  }(name='FirewallVpc', description='The firewall VPC.'),
  localVpc?: {
    attachmentId?: string(name='AttachmentId', description='The ID of the connection between two network instances.', example='tr-attach-sxig7bye51fid5****'),
    attachmentName?: string(name='AttachmentName', description='The name of the connection between two network instances.', example='Local test'),
    defendCidrList?: [ string ](name='DefendCidrList', description='An array consisting of the CIDR blocks that are protected by the VPC firewall.'),
    eniList?: [ 
      {
        eniId?: string(name='EniId', description='The ID of the ENI that belongs to the VPC.', example='eni-8vbhfosfqv2rff42****'),
        eniPrivateIpAddress?: string(name='EniPrivateIpAddress', description='The private IP address of the ENI that belongs to the VPC.', example='192.168.XX.XX'),
        eniVSwitchId?: string(name='EniVSwitchId', description='The ID of the vSwitch to which the ENI is connected.', example='vsw-wz9viido7j436b0n1****'),
      }
    ](name='EniList', description='The Elastic Network Interfaces (ENIs).'),
    manualVSwitchId?: string(name='ManualVSwitchId', description='The ID of the specified vSwitch when the routing mode is manual.', example='vsw-zeq4o875u****'),
    networkInstanceId?: string(name='NetworkInstanceId', description='The ID of the VPC for which the VPC firewall is created.', example='vpc-2zefk9fbn8j7v585g****'),
    networkInstanceName?: string(name='NetworkInstanceName', description='The name of the network instance.', example='Test VPC'),
    networkInstanceType?: string(name='NetworkInstanceType', description='The type of the network instance. The value is fixed as **VPC**.', example='VPC'),
    ownerId?: string(name='OwnerId', description='The UID of the Alibaba Cloud account to which the VPC belongs.', example='158039427902****'),
    regionNo?: string(name='RegionNo', description='The ID of the region in which the VPC resides.', example='cn-hangzhou'),
    routeMode?: string(name='RouteMode', description='The routing mode. Valid values:

*   auto: automatic mode
*   manual: manual mode', example='auto'),
    supportManualMode?: string(name='SupportManualMode', description='Indicates whether the manual routing mode is supported. Valid values:

*   **1**: yes
*   **0**: no', example='0'),
    transitRouterId?: string(name='TransitRouterId', description='The instance ID of the CEN transit router.', example='tr-2zetwxskej633l3u1****'),
    transitRouterType?: string(name='TransitRouterType', description='The edition of the CEN transit router. Valid values:

*   **Basic**: Basic Edition
*   **Enterprise**: Enterprise Edition', example='Basic'),
    vpcCidrTableList?: [ 
      {
        routeEntryList?: [ 
          {
            destinationCidr?: string(name='DestinationCidr', description='The destination CIDR block of the VPC.', example='192.168.XX.XX/24'),
            nextHopInstanceId?: string(name='NextHopInstanceId', description='The instance ID of the next hop for the VPC.', example='vrt-m5eb5me6c3l5sezae****'),
          }
        ](name='RouteEntryList', description='The route entries for the VPC.'),
        routeTableId?: string(name='RouteTableId', description='The route table ID of the VPC.', example='vtb-1234'),
      }
    ](name='VpcCidrTableList', description='An array that consists of the CIDR blocks of the VPC.'),
    vpcId?: string(name='VpcId', description='The ID of the VPC.', example='vpc-8vbwbo90rq0anm6t****'),
    vpcName?: string(name='VpcName', description='The name of the VPC.', example='Test instance'),
  }(name='LocalVpc', description='The details about the VPC.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='850A84D6-0DE4-4797-A1E8-00090125g4d2'),
  vpcFirewallId?: string(name='VpcFirewallId', description='The instance ID of the VPC firewall.', example='vfw-m5e7dbc4y****'),
  vpcFirewallName?: string(name='VpcFirewallName', description='The instance name of the VPC firewall.', example='Test firewall'),
}

model DescribeVpcFirewallCenDetailResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DescribeVpcFirewallCenDetailResponseBody(name='body'),
}

/**
 * @summary Queries the details about a virtual private cloud (VPC) firewall. The VPC firewall protects access traffic between a VPC and a network instance that is attached to a Cloud Enterprise Network (CEN) instance.
 *
 * @description You can call the DescribeVpcFirewallCenDetail operation to query the details about a VPC firewall. The VPC firewall protects access traffic between a specified VPC and a network instance that is attached to a CEN instance. The network instance can be a VPC, a virtual border router (VBR), or a Cloud Connect Network (CCN) instance.
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request DescribeVpcFirewallCenDetailRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DescribeVpcFirewallCenDetailResponse
 */
async function describeVpcFirewallCenDetailWithOptions(request: DescribeVpcFirewallCenDetailRequest, runtime: Util.RuntimeOptions): DescribeVpcFirewallCenDetailResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.networkInstanceId)) {
    query['NetworkInstanceId'] = request.networkInstanceId;
  }
  if (!Util.isUnset(request.vpcFirewallId)) {
    query['VpcFirewallId'] = request.vpcFirewallId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DescribeVpcFirewallCenDetail',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries the details about a virtual private cloud (VPC) firewall. The VPC firewall protects access traffic between a VPC and a network instance that is attached to a Cloud Enterprise Network (CEN) instance.
 *
 * @description You can call the DescribeVpcFirewallCenDetail operation to query the details about a VPC firewall. The VPC firewall protects access traffic between a specified VPC and a network instance that is attached to a CEN instance. The network instance can be a VPC, a virtual border router (VBR), or a Cloud Connect Network (CCN) instance.
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request DescribeVpcFirewallCenDetailRequest
 * @return DescribeVpcFirewallCenDetailResponse
 */
async function describeVpcFirewallCenDetail(request: DescribeVpcFirewallCenDetailRequest): DescribeVpcFirewallCenDetailResponse {
  var runtime = new Util.RuntimeOptions{};
  return describeVpcFirewallCenDetailWithOptions(request, runtime);
}

model DescribeVpcFirewallCenListRequest {
  cenId?: string(name='CenId', description='The ID of the CEN instance.', example='cen-x5jayxou71ad73****'),
  currentPage?: string(name='CurrentPage', description='The number of the page to return.

Pages start from page 1. Default value: 1.', example='1'),
  firewallSwitchStatus?: string(name='FirewallSwitchStatus', description='The status of the VPC firewall. Valid values:

*   **opened**: The VPC firewall is enabled.
*   **closed**: The VPC firewall is disabled.
*   **notconfigured**: The VPC firewall is not configured.
*   **configured**: The VPC firewall is configured but is not enabled.

> If you do not specify this parameter, VPC firewalls in all states are queried.', example='opened'),
  lang?: string(name='Lang', description='The language of the content within the response. Valid values:

*   **zh**: Chinese (default)
*   **en**: English', example='zh'),
  memberUid?: string(name='MemberUid', description='The UID of the member that is managed by your Alibaba Cloud account. The member is also an Alibaba Cloud account.', example='258039427902****'),
  networkInstanceId?: string(name='NetworkInstanceId', description='The ID of the network instance.', example='vpc-8vbwbo90rq0anm6t****'),
  ownerId?: string(name='OwnerId'),
  pageSize?: string(name='PageSize', description='The number of entries to return on each page.

Default value: 10. Maximum value: 50.', example='10'),
  regionNo?: string(name='RegionNo', description='The region ID of the VPC.

> For more information about the regions, see [Supported regions](https://help.aliyun.com/document_detail/195657.html).', example='cn-hangzhou'),
  routeMode?: string(name='RouteMode', description='The routing mode of the VPC firewall. Valid values:

*   **auto**: automatic mode
*   **manual**: manual mode

> If you do not specify this parameter, VPC firewalls in all routing modes are queried.', example='auto'),
  transitRouterType?: string(name='TransitRouterType', description='The type of the transit router. Valid values:

*   **Basic**: Basic Edition transit router
*   **Enterprise**: Enterprise Edition transit router', example='Basic'),
  vpcFirewallId?: string(name='VpcFirewallId', description='The instance ID of the VPC firewall.', example='vfw-m5e7dbc4y****'),
  vpcFirewallName?: string(name='VpcFirewallName', description='The instance name of the VPC firewall.', example='Test firewall'),
}

model DescribeVpcFirewallCenListResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='850A84D6-0DE4-4797-A1E8-00090125k8g2'),
  totalCount?: int32(name='TotalCount', description='The total number of VPC firewalls.', example='10'),
  vpcFirewalls?: [ 
    {
      aclConfig?: {
        strictMode?: int32(name='StrictMode'),
      }(name='AclConfig'),
      cenId?: string(name='CenId', description='The ID of the CEN instance.', example='cen-x5jayxou71ad73****'),
      cenName?: string(name='CenName', description='The name of the CEN instance.', example='Test CEN instance'),
      connectType?: string(name='ConnectType', description='The connection type of the VPC firewall. The value is fixed as cen, which indicates a CEN instance.', example='cen'),
      firewallSwitchStatus?: string(name='FirewallSwitchStatus', description='The status of the VPC firewall. Valid values:

*   **opened**: The VPC firewall is enabled.
*   **closed**: The VPC firewall is disabled.
*   **notconfigured**: The VPC firewall is not configured.', example='opened'),
      ipsConfig?: {
        basicRules?: int32(name='BasicRules', description='Indicates whether basic protection is enabled. Valid values:

*   **1**: yes
*   **0**: no', example='1'),
        enableAllPatch?: int32(name='EnableAllPatch', description='Indicates whether virtual patching is enabled. Valid values:

*   **1**: yes
*   **0**: no', example='1'),
        ruleClass?: int32(name='RuleClass', description='The level of the rule group for the IPS. Valid values:

*   **1**: loose.
*   **2**: medium.
*   **3**: strict.', example='1'),
        runMode?: int32(name='RunMode', description='The mode of the IPS. Valid values:

*   **1**: block mode
*   **0**: monitor mode', example='0'),
      }(name='IpsConfig', description='The intrusion prevention system (IPS) configurations.'),
      localVpc?: {
        authorizationStatus?: string(name='AuthorizationStatus', description='Indicates whether the VPC is granted the required permissions. The value is fixed as **authorized**, which indicates that the VPC is granted the required permissions.', example='authorized'),
        defendCidrList?: [ string ](name='DefendCidrList', description='An array consisting of the CIDR blocks that are protected by the VPC firewall.'),
        manualVSwitchId?: string(name='ManualVSwitchId', description='The ID of the specified vSwitch when the routing mode is manual.', example='vsw-zeq4o875u****'),
        networkInstanceId?: string(name='NetworkInstanceId', description='The ID of the network instance.', example='vpc-2zefk9fbn8j7v585g****'),
        networkInstanceName?: string(name='NetworkInstanceName', description='The name of the network instance.', example='Test VPC'),
        networkInstanceType?: string(name='NetworkInstanceType', description='The type of the network instance. Valid values:

*   **VPC**
*   **VBR**
*   **CCN**', example='VPC'),
        ownerId?: long(name='OwnerId', description='The ID of the Alibaba Cloud account to which the VPC belongs.', example='158039427902****'),
        regionNo?: string(name='RegionNo', description='The region ID of the VPC.', example='cn-hangzhou'),
        routeMode?: string(name='RouteMode', description='The routing mode of the VPC firewall. Valid values:

*   **auto**: automatic mode
*   **manual**: manual mode', example='auto'),
        supportManualMode?: string(name='SupportManualMode', description='Indicates whether the manual routing mode is supported. Valid values:

*   **1**: yes
*   **0**: no', example='0'),
        transitRouterType?: string(name='TransitRouterType', description='The edition of the CEN transit router. Valid values:

*   **Basic**: Basic Edition transit router
*   **Enterprise**: Enterprise Edition transit router', example='Basic'),
        vpcCidrTableList?: [ 
          {
            routeEntryList?: [ 
              {
                destinationCidr?: string(name='DestinationCidr', description='The destination CIDR block of the VPC.', example='192.168.XX.XX/24'),
                nextHopInstanceId?: string(name='NextHopInstanceId', description='The instance ID of the next hop for the VPC.', example='vrt-m5eb5me6c3l5sezae****'),
              }
            ](name='RouteEntryList', description='An array that consists of the route entries for the VPC.'),
            routeTableId?: string(name='RouteTableId', description='The route table ID of the VPC.', example='vtb-1234'),
          }
        ](name='VpcCidrTableList', description='An array that consists of the CIDR blocks of the VPC.'),
        vpcId?: string(name='VpcId', description='The ID of the VPC.', example='vpc-8vbwbo90rq0anm6t****'),
        vpcName?: string(name='VpcName', description='The name of the VPC.', example='Test instance'),
      }(name='LocalVpc', description='The details about the VPC.'),
      memberUid?: string(name='MemberUid', description='The UID of the member that is manged by your Alibaba Cloud account. The member is also an Alibaba Cloud account.', example='258039427902****'),
      precheckStatus?: string(name='PrecheckStatus', description='Indicates whether the VPC firewall can be automatically enabled to protect VPC traffic based on route learning. Valid values:

*   **passed**: The VPC firewall can be automatically enabled.
*   **failed**: The VPC firewall cannot be automatically enabled.
*   **unknown**: The VPC firewall is in an unknown state.', example='failed'),
      regionStatus?: string(name='RegionStatus', description='Indicates whether you can create a VPC firewall in a specified region. Valid values:

*   **enable**: yes
*   **disable**: no', example='enable'),
      resultCode?: string(name='ResultCode', description='The result code of the operation that creates the VPC firewall. Valid values:

*   **Unauthorized**: Cloud Firewall is not authorized to access the VPC for which the VPC firewall is created, and the VPC firewall cannot be created.
*   **RegionDisable**: VPC Firewall is not supported in the region of the VPC for which the VPC firewall is created, and the VPC firewall cannot be created.
*   **OpsDisable**: You are not allowed to create the VPC firewall.
*   **VbrNotSupport**: The VPC firewall cannot be created for a VBR that is attached to the CEN instance.
*   Empty string: You can create a VPC firewall for the network instance.', example='Unauthorized'),
      vpcFirewallId?: string(name='VpcFirewallId', description='The instance ID of the VPC firewall.', example='vfw-m5e7dbc4y****'),
      vpcFirewallName?: string(name='VpcFirewallName', description='The instance name of the VPC firewall.', example='Test firewall'),
    }
  ](name='VpcFirewalls', description='The information about the VPC firewalls.'),
}

model DescribeVpcFirewallCenListResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DescribeVpcFirewallCenListResponseBody(name='body'),
}

/**
 * @summary Queries virtual private cloud (VPC) firewalls. Each VPC firewall protects mutual access traffic between a specified VPC and a network instance that is attached to a Cloud Enterprise Network (CEN) instance.
 *
 * @description You can call the DescribeVpcFirewallCenList operation to query VPC firewalls. A VPC firewall protects mutual access traffic between a specified VPC and a network instance that is attached to a CEN instance. The network instance can be a VPC, a virtual border router (VBR), or a Cloud Connect Network (CCN) instance.
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request DescribeVpcFirewallCenListRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DescribeVpcFirewallCenListResponse
 */
async function describeVpcFirewallCenListWithOptions(request: DescribeVpcFirewallCenListRequest, runtime: Util.RuntimeOptions): DescribeVpcFirewallCenListResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.cenId)) {
    query['CenId'] = request.cenId;
  }
  if (!Util.isUnset(request.currentPage)) {
    query['CurrentPage'] = request.currentPage;
  }
  if (!Util.isUnset(request.firewallSwitchStatus)) {
    query['FirewallSwitchStatus'] = request.firewallSwitchStatus;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.memberUid)) {
    query['MemberUid'] = request.memberUid;
  }
  if (!Util.isUnset(request.networkInstanceId)) {
    query['NetworkInstanceId'] = request.networkInstanceId;
  }
  if (!Util.isUnset(request.ownerId)) {
    query['OwnerId'] = request.ownerId;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.regionNo)) {
    query['RegionNo'] = request.regionNo;
  }
  if (!Util.isUnset(request.routeMode)) {
    query['RouteMode'] = request.routeMode;
  }
  if (!Util.isUnset(request.transitRouterType)) {
    query['TransitRouterType'] = request.transitRouterType;
  }
  if (!Util.isUnset(request.vpcFirewallId)) {
    query['VpcFirewallId'] = request.vpcFirewallId;
  }
  if (!Util.isUnset(request.vpcFirewallName)) {
    query['VpcFirewallName'] = request.vpcFirewallName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DescribeVpcFirewallCenList',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries virtual private cloud (VPC) firewalls. Each VPC firewall protects mutual access traffic between a specified VPC and a network instance that is attached to a Cloud Enterprise Network (CEN) instance.
 *
 * @description You can call the DescribeVpcFirewallCenList operation to query VPC firewalls. A VPC firewall protects mutual access traffic between a specified VPC and a network instance that is attached to a CEN instance. The network instance can be a VPC, a virtual border router (VBR), or a Cloud Connect Network (CCN) instance.
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request DescribeVpcFirewallCenListRequest
 * @return DescribeVpcFirewallCenListResponse
 */
async function describeVpcFirewallCenList(request: DescribeVpcFirewallCenListRequest): DescribeVpcFirewallCenListResponse {
  var runtime = new Util.RuntimeOptions{};
  return describeVpcFirewallCenListWithOptions(request, runtime);
}

model DescribeVpcFirewallControlPolicyRequest {
  aclAction?: string(name='AclAction', description='The action that Cloud Firewall performs on the traffic. Valid values:

*   **accept**: allows the traffic.
*   **drop**: blocks the traffic.
*   **log**: monitors the traffic.

> If you do not specify this parameter, access control policies are queried based on all actions.', example='accept'),
  aclUuid?: string(name='AclUuid', description='The unique ID of the access control policy.', example='4037fbf7-3e39-4634-92a4-d0155247****'),
  currentPage?: string(name='CurrentPage', description='The number of the page to return.', example='1'),
  description?: string(name='Description', description='The description of the access control policy. Fuzzy match is supported.', example='test'),
  destination?: string(name='Destination', description='The destination address in the access control policy. Fuzzy match is supported.

> The value of this parameter can be a CIDR block or an address book name.', example='192.0.XX.XX/24'),
  lang?: string(name='Lang', description='The language of the content within the request and response.

Valid values:

*   **zh**: Chinese (default)
*   **en**: English', example='zh'),
  memberUid?: string(name='MemberUid', description='The UID of the member that is managed by your Alibaba Cloud account.', example='258039427902****'),
  pageSize?: string(name='PageSize', description='The number of entries to return on each page.

Maximum value: 50.', example='10'),
  proto?: string(name='Proto', description='The protocol type in the access control policy. Valid values:

*   **TCP**
*   **UDP**
*   **ICMP**
*   **ANY**: all protocol types

> If you do not specify this parameter, access control policies of all protocol types are queried.', example='TCP'),
  release?: string(name='Release', description='The status of the access control policy. Valid values:

*   **true**: enabled
*   **false**: disabled', example='true'),
  repeatType?: string(name='RepeatType', description='The recurrence type for the access control policy to take effect. Valid values:

*   **Permanent** (default): The policy always takes effect.
*   **None**: The policy takes effect for only once.
*   **Daily**: The policy takes effect on a daily basis.
*   **Weekly**: The policy takes effect on a weekly basis.
*   **Monthly**: The policy takes effect on a monthly basis.', example='Permanent'),
  source?: string(name='Source', description='The source address in the access control policy. Fuzzy match is supported.

> The value of this parameter can be a CIDR block or an address book name.', example='192.0.XX.XX/24'),
  vpcFirewallId?: string(name='VpcFirewallId', description='The instance ID of the VPC firewall. Valid values:

*   If the VPC firewall protects the traffic between two VPCs that are connected by using a CEN instance, the value of this parameter must be the ID of the CEN instance.
*   If the VPC firewall protects the traffic between two VPCs that are connected by using an Express Connect circuit, the value of this parameter must be the instance ID of the VPC firewall.

> You can call the [DescribeVpcFirewallAclGroupList](https://help.aliyun.com/document_detail/159760.html) operation to query the ID.

This parameter is required.', example='vfw-a42bbb7b887148c9****'),
}

model DescribeVpcFirewallControlPolicyResponseBody = {
  policys?: [ 
    {
      aclAction?: string(name='AclAction', description='The action that Cloud Firewall performs on the traffic. Valid values:

*   **accept**: allows the traffic.
*   **drop**: denies the traffic.
*   **log**: monitors the traffic.', example='accept'),
      aclUuid?: string(name='AclUuid', description='The UUID of the access control policy.', example='4037fbf7-3e39-4634-92a4-d0155247****'),
      applicationId?: string(name='ApplicationId', description='The application ID in the access control policy.', example='10**'),
      applicationName?: string(name='ApplicationName', description='The application types supported by the access control policy. We recommend that you specify ApplicationNameList. Valid values:

*   **HTTP**
*   **HTTPS**
*   **MySQL**
*   **SMTP**
*   **SMTPS**
*   **RDP**
*   **VNC**
*   **SSH**
*   **Redis**
*   **MQTT**
*   **MongoDB**
*   **Memcache**
*   **SSL**
*   **ANY**: all application types', example='HTTP'),
      applicationNameList?: [ string ](name='ApplicationNameList', description='The application types supported by the access control policy.'),
      createTime?: long(name='CreateTime', description='The time when the access control policy was created. The value is a UNIX timestamp. Unit: seconds.', example='1761062400'),
      description?: string(name='Description', description='The description of the access control policy.', example='test'),
      destPort?: string(name='DestPort', description='The destination port in the access control policy.', example='80'),
      destPortGroup?: string(name='DestPortGroup', description='The name of the destination port address book in the access control policy.', example='my_port_group'),
      destPortGroupPorts?: [ string ](name='DestPortGroupPorts', description='The ports in the destination port address book of the access control policy.'),
      destPortType?: string(name='DestPortType', description='The type of the destination port in the access control policy. Valid values:

*   **port**: port
*   **group**: port address book', example='port'),
      destination?: string(name='Destination', description='The destination address in the access control policy. Valid values:

*   If **DestinationType** is set to `net`, the value of this parameter is a CIDR block.
*   If **DestinationType** is set to `domain`, the value of this parameter is a domain name.
*   If **DestinationType** is set to `group`, the value of this parameter is an address book name.', example='192.0.XX.XX/24'),
      destinationGroupCidrs?: [ string ](name='DestinationGroupCidrs', description='The CIDR blocks in the destination address book of the access control policy.'),
      destinationGroupType?: string(name='DestinationGroupType', description='The type of the destination address book in the access control policy. Valid values:

*   **ip**: an address book that includes one or more CIDR blocks
*   **domain**: an address book that includes one or more domain names', example='ip'),
      destinationType?: string(name='DestinationType', description='The type of the destination address in the access control policy. Valid values:

*   **net**: CIDR block
*   **group**: address book
*   **domain**: domain name', example='net'),
      domainResolveType?: string(name='DomainResolveType', description='The domain name resolution method of the access control policy. By default, an access control policy is enabled after the policy is created. Valid values:

* **FQDN**: fully qualified domain name (FQDN)-based resolution
* **DNS**: DNS-based dynamic resolution
* **FQDN_AND_DNS**: FQDN and DNS-based dynamic resolution', example='FQDN'),
      endTime?: long(name='EndTime', description='The time when the access control policy stops taking effect. The value is a UNIX timestamp. Unit: seconds. The value must be on the hour or on the half hour, and at least 30 minutes later than the value of StartTime.

>  If RepeatType is set to Permanent, EndTime is left empty. If RepeatType is set to None, Daily, Weekly, or Monthly, EndTime must be specified.', example='1694764800'),
      hitLastTime?: long(name='HitLastTime', description='The time when the access control policy was last hit. The value is a UNIX timestamp. Unit: seconds.', example='1579261141'),
      hitTimes?: long(name='HitTimes', description='The number of hits for the access control policy.', example='100'),
      memberUid?: string(name='MemberUid', description='The UID of the member that is managed by your Alibaba Cloud account.', example='258039427902****'),
      modifyTime?: long(name='ModifyTime', description='The time when the access control policy was modified. The value is a UNIX timestamp. Unit: seconds.', example='1761062400'),
      order?: int32(name='Order', description='The priority of the access control policy.

The priority value starts from 1. A smaller priority value indicates a higher priority.', example='1'),
      proto?: string(name='Proto', description='The protocol type in the access control policy. Valid values:

*   **TCP**
*   **UDP**
*   **ICMP**
*   **ANY**: all protocol types', example='TCP'),
      release?: string(name='Release', description='Indicates whether the access control policy is enabled. By default, an access control policy is enabled after it is created. Valid values:

*   **true**
*   **false**', example='true'),
      repeatDays?: [ long ](name='RepeatDays', description='The days of a week or of a month on which the access control policy takes effect.

*   If RepeatType is set to `Permanent`, `None`, or `Daily`, RepeatDays is left empty. Example: [].
*   If RepeatType is set to Weekly, RepeatDays must be specified. Example: [0, 6].

>  If RepeatType is set to Weekly, the fields in the value of RepeatDays cannot be repeated.

*   If RepeatType is set to `Monthly`, RepeatDays must be specified. Example: [1, 31].

>  If RepeatType is set to Monthly, the fields in the value of RepeatDays cannot be repeated.'),
      repeatEndTime?: string(name='RepeatEndTime', description='The point in time when the recurrence ends. Example: 23:30. The value must be on the hour or on the half hour, and at least 30 minutes later than the value of RepeatStartTime.

>  If RepeatType is set to Permanent or None, RepeatEndTime is left empty. If RepeatType is set to Daily, Weekly, or Monthly, RepeatEndTime must be specified.', example='23:30'),
      repeatStartTime?: string(name='RepeatStartTime', description='The point in time when the recurrence starts. Example: 08:00. The value must be on the hour or on the half hour, and at least 30 minutes earlier than the value of RepeatEndTime.

>  If RepeatType is set to Permanent or None, RepeatStartTime is left empty. If RepeatType is set to Daily, Weekly, or Monthly, this parameter must be specified.', example='08:00'),
      repeatType?: string(name='RepeatType', description='The recurrence type for the access control policy to take effect. Valid values:

*   **Permanent** (default): The policy always takes effect.
*   **None**: The policy takes effect for only once.
*   **Daily**: The policy takes effect on a daily basis.
*   **Weekly**: The policy takes effect on a weekly basis.
*   **Monthly**: The policy takes effect on a monthly basis.', example='Permanent'),
      source?: string(name='Source', description='The source address in the access control policy. Valid values:

*   If **SourceType** is set to `net`, the value of this parameter is a CIDR block.
*   If **SourceType** is set to `group`, the value of this parameter is an address book name.', example='192.0.XX.XX/24'),
      sourceGroupCidrs?: [ string ](name='SourceGroupCidrs', description='The CIDR blocks in the source address book of the access control policy.'),
      sourceGroupType?: string(name='SourceGroupType', description='The type of the source address book in the access control policy. The value is fixed as **ip**. The value indicates an address book that includes one or more CIDR blocks.', example='ip'),
      sourceType?: string(name='SourceType', description='The type of the source address in the access control policy. Valid values:

*   **net**: CIDR block
*   **group**: address book', example='net'),
      spreadCnt?: long(name='SpreadCnt', description='The total quota consumed by the returned access control policies, which is the sum of the quota consumed by each policy. The quota that is consumed by an access control policy is calculated by using the following formula: Quota that is consumed by an access control policy = Number of source addresses × Number of destination addresses (number of CIDR blocks or domain names) × Number of applications × Number of port ranges.', example='10,000'),
      startTime?: long(name='StartTime', description='The time when the access control policy starts to take effect. The value is a UNIX timestamp. Unit: seconds. The value must be on the hour or on the half hour, and at least 30 minutes earlier than the value of EndTime.

>  If RepeatType is set to Permanent, StartTime is left empty. If RepeatType is set to None, Daily, Weekly, or Monthly, StartTime must be specified.', example='1694761200'),
    }
  ](name='Policys', description='The details of the access control policies.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='CBF1E9B7-D6A0-4E9E-AD3E-2B47E6C2837D'),
  totalCount?: string(name='TotalCount', description='The total number of access control policies returned.', example='20'),
}

model DescribeVpcFirewallControlPolicyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DescribeVpcFirewallControlPolicyResponseBody(name='body'),
}

/**
 * @summary Queries the information about the access control policies for a specified virtual private cloud (VPC) firewall.
 *
 * @description You can call the DescribeVpcFirewallControlPolicy operation to query the information about all access control policies that are created for a specified VPC firewall. Different access control policies are used when a VPC firewall is used to protect traffic between two VPCs that are connected by using a Cloud Enterprise Network (CEN) instance or an Express Connect circuit.
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request DescribeVpcFirewallControlPolicyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DescribeVpcFirewallControlPolicyResponse
 */
async function describeVpcFirewallControlPolicyWithOptions(request: DescribeVpcFirewallControlPolicyRequest, runtime: Util.RuntimeOptions): DescribeVpcFirewallControlPolicyResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.aclAction)) {
    query['AclAction'] = request.aclAction;
  }
  if (!Util.isUnset(request.aclUuid)) {
    query['AclUuid'] = request.aclUuid;
  }
  if (!Util.isUnset(request.currentPage)) {
    query['CurrentPage'] = request.currentPage;
  }
  if (!Util.isUnset(request.description)) {
    query['Description'] = request.description;
  }
  if (!Util.isUnset(request.destination)) {
    query['Destination'] = request.destination;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.memberUid)) {
    query['MemberUid'] = request.memberUid;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.proto)) {
    query['Proto'] = request.proto;
  }
  if (!Util.isUnset(request.release)) {
    query['Release'] = request.release;
  }
  if (!Util.isUnset(request.repeatType)) {
    query['RepeatType'] = request.repeatType;
  }
  if (!Util.isUnset(request.source)) {
    query['Source'] = request.source;
  }
  if (!Util.isUnset(request.vpcFirewallId)) {
    query['VpcFirewallId'] = request.vpcFirewallId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DescribeVpcFirewallControlPolicy',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries the information about the access control policies for a specified virtual private cloud (VPC) firewall.
 *
 * @description You can call the DescribeVpcFirewallControlPolicy operation to query the information about all access control policies that are created for a specified VPC firewall. Different access control policies are used when a VPC firewall is used to protect traffic between two VPCs that are connected by using a Cloud Enterprise Network (CEN) instance or an Express Connect circuit.
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request DescribeVpcFirewallControlPolicyRequest
 * @return DescribeVpcFirewallControlPolicyResponse
 */
async function describeVpcFirewallControlPolicy(request: DescribeVpcFirewallControlPolicyRequest): DescribeVpcFirewallControlPolicyResponse {
  var runtime = new Util.RuntimeOptions{};
  return describeVpcFirewallControlPolicyWithOptions(request, runtime);
}

model DescribeVpcFirewallDefaultIPSConfigRequest {
  memberUid?: string(name='MemberUid', description='The UID of the member that is managed by your Alibaba Cloud account.', example='258039427902****'),
  vpcFirewallId?: string(name='VpcFirewallId', description='The instance ID of the VPC firewall. Valid values:

*   If the VPC firewall protects mutual access traffic between a VPC and a specified network instance that is attached to a Cloud Enterprise Network (CEN) instance, the value of this parameter is the ID of the CEN instance. The network instance can be a VPC, a virtual border router (VBR), or a Cloud Connect Network (CCN) instance. You can call the [DescribeVpcFirewallCenList](https://help.aliyun.com/document_detail/345777.html) operation to query the IDs of CEN instances.
*   If the VPC firewall protects traffic between two VPCs that are connected by using an Express Connect circuit, the value of this parameter is the instance ID of the VPC firewall. You can call the [DescribeVpcFirewallList](https://help.aliyun.com/document_detail/342932.html) operation to query the instance IDs of VPC firewalls.

This parameter is required.', example='vfw-m5e7dbc4y****'),
}

model DescribeVpcFirewallDefaultIPSConfigResponseBody = {
  basicRules?: int32(name='BasicRules', description='Indicates whether basic policies are enabled. Valid values:

*   **1**: yes
*   **0**: no', example='1'),
  enableAllPatch?: int32(name='EnableAllPatch', description='Indicates whether virtual patching is enabled. Valid values:

*   **1**: yes
*   **0**: no', example='1'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='850A84D6-0DE4-4797-A1E8-00090125adf1'),
  ruleClass?: int32(name='RuleClass', description='The level of the rule group for the IPS. Valid values:

*   **1**: loose.
*   **2**: medium.
*   **3**: strict.', example='1'),
  runMode?: int32(name='RunMode', description='The mode of the intrusion prevention system (IPS). Valid values:

*   **1**: block mode
*   **0**: monitor mode', example='0'),
}

model DescribeVpcFirewallDefaultIPSConfigResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DescribeVpcFirewallDefaultIPSConfigResponseBody(name='body'),
}

/**
 * @summary Queries the intrusion prevention configurations of a virtual private cloud (VPC) firewall.
 *
 * @description You can call the DescribeVpcFirewallDefaultIPSConfig operation to query the intrusion prevention configurations of a VPC firewall.
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request DescribeVpcFirewallDefaultIPSConfigRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DescribeVpcFirewallDefaultIPSConfigResponse
 */
async function describeVpcFirewallDefaultIPSConfigWithOptions(request: DescribeVpcFirewallDefaultIPSConfigRequest, runtime: Util.RuntimeOptions): DescribeVpcFirewallDefaultIPSConfigResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.memberUid)) {
    query['MemberUid'] = request.memberUid;
  }
  if (!Util.isUnset(request.vpcFirewallId)) {
    query['VpcFirewallId'] = request.vpcFirewallId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DescribeVpcFirewallDefaultIPSConfig',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries the intrusion prevention configurations of a virtual private cloud (VPC) firewall.
 *
 * @description You can call the DescribeVpcFirewallDefaultIPSConfig operation to query the intrusion prevention configurations of a VPC firewall.
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request DescribeVpcFirewallDefaultIPSConfigRequest
 * @return DescribeVpcFirewallDefaultIPSConfigResponse
 */
async function describeVpcFirewallDefaultIPSConfig(request: DescribeVpcFirewallDefaultIPSConfigRequest): DescribeVpcFirewallDefaultIPSConfigResponse {
  var runtime = new Util.RuntimeOptions{};
  return describeVpcFirewallDefaultIPSConfigWithOptions(request, runtime);
}

model DescribeVpcFirewallDetailRequest {
  lang?: string(name='Lang', description='The natural language of the request and response. Valid values:

*   **zh**: Chinese (default)
*   **en**: English', example='zh'),
  localVpcId?: string(name='LocalVpcId', description='The ID of the local VPC.', example='vpc-8vbwbo90rq0anm6t****'),
  peerVpcId?: string(name='PeerVpcId', description='The ID of the peer VPC.', example='vpc-90rq0anm6t8vbwbo****'),
  vpcFirewallId?: string(name='VpcFirewallId', description='The instance ID of the VPC firewall.

>  You can call the [DescribeVpcFirewallList](https://help.aliyun.com/document_detail/342932.html) operation to query the instance IDs of VPC firewalls.

This parameter is required.', example='vfw-m5e7dbc4y****'),
}

model DescribeVpcFirewallDetailResponseBody = {
  bandwidth?: int32(name='Bandwidth', description='The bandwidth of the Express Connect circuit. Unit: Mbit/s.', example='2'),
  connectType?: string(name='ConnectType', description='The connection type of the VPC firewall. The value is fixed as **expressconnect**, which indicates Express Connect circuits.', example='expressconnect'),
  firewallSwitchStatus?: string(name='FirewallSwitchStatus', description='The status of the VPC firewall. Valid values:

*   **opened**: The VPC firewall is enabled.
*   **closed**: The VPC firewall is disabled.
*   **notconfigured**: The VPC firewall is not configured.
*   **configured**: The VPC firewall is configured.', example='opened'),
  localVpc?: {
    eniId?: string(name='EniId', description='The ID of the ENI for the local VPC.', example='eni-8vbhfosfqv2rff42****'),
    eniPrivateIpAddress?: string(name='EniPrivateIpAddress', description='The private IP address of the elastic network interface (ENI) for the local VPC.', example='192.168.XX.XX'),
    regionNo?: string(name='RegionNo', description='The region ID of the local VPC.', example='cn-hangzhou'),
    routerInterfaceId?: string(name='RouterInterfaceId', description='The router interface ID of the local VPC.', example='vrt-m5eb5me6c3l5sezae****'),
    vpcCidrTableList?: [ 
      {
        routeEntryList?: [ 
          {
            destinationCidr?: string(name='DestinationCidr', description='The destination CIDR block of the local VPC.', example='192.168.XX.XX/24'),
            nextHopInstanceId?: string(name='NextHopInstanceId', description='The instance ID of the next hop for the local VPC.', example='vrt-m5eb5me6c3l5sezae****'),
          }
        ](name='RouteEntryList', description='The route entries of the local VPC.'),
        routeTableId?: string(name='RouteTableId', description='The ID of the route table for the local VPC.', example='vtb-1234'),
      }
    ](name='VpcCidrTableList', description='The CIDR blocks of the local VPC.'),
    vpcId?: string(name='VpcId', description='The ID of the local VPC.', example='vpc-8vbwbo90rq0anm6t****'),
    vpcName?: string(name='VpcName', description='The name of the local VPC.', example='Vitasoy'),
  }(name='LocalVpc', description='The details about the local VPC.'),
  memberUid?: string(name='MemberUid', description='The UID of the member that is managed by your Alibaba Cloud account.', example='258039427902****'),
  peerVpc?: {
    eniId?: string(name='EniId', description='The ID of the ENI for the peer VPC.', example='eni-8vbhfosfqv2rff42****'),
    eniPrivateIpAddress?: string(name='EniPrivateIpAddress', description='The private IP address of the ENI for the peer VPC.', example='192.168.XX.XX'),
    regionNo?: string(name='RegionNo', description='The region ID of the peer VPC.', example='cn-hangzhou'),
    routerInterfaceId?: string(name='RouterInterfaceId', description='The router interface ID of the peer VPC.', example='vrt-m5eb5me6c3l5sezae****'),
    vpcCidrTableList?: [ 
      {
        routeEntryList?: [ 
          {
            destinationCidr?: string(name='DestinationCidr', description='The destination CIDR block of the peer VPC.', example='192.168.XX.XX/24'),
            nextHopInstanceId?: string(name='NextHopInstanceId', description='The instance ID of the next hop for the peer VPC.', example='vrt-m5eb5me6c3l5sezae****'),
          }
        ](name='RouteEntryList', description='The route entries of the peer VPC.'),
        routeTableId?: string(name='RouteTableId', description='The ID of the route table for the peer VPC.', example='vtb-1256'),
      }
    ](name='VpcCidrTableList', description='The CIDR blocks of the peer VPC.'),
    vpcId?: string(name='VpcId', description='The ID of the peer VPC.', example='vpc-90rq0anm6t8vbwbo****'),
    vpcName?: string(name='VpcName', description='The name of the peer VPC.', example='zcy_prod'),
  }(name='PeerVpc', description='The details about the peer VPC.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='850A84D6-0DE4-4797-A1E8-00090125g4d2'),
  vpcFirewallId?: string(name='VpcFirewallId', description='The instance ID of the VPC firewall.', example='vfw-m5e7dbc4y****'),
  vpcFirewallName?: string(name='VpcFirewallName', description='The instance name of the VPC firewall.', example='tf-test'),
}

model DescribeVpcFirewallDetailResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DescribeVpcFirewallDetailResponseBody(name='body'),
}

/**
 * @summary Queries the details about a virtual private cloud (VPC) firewall. The VPC firewall controls traffic between two VPCs that are connected by using an Express Connect circuit.
 *
 * @description You can call the DescribeVpcFirewallDetail operation to query the details about a VPC firewall. The VPC firewall controls traffic between two VPCs that are connected by using an Express Connect circuit.  
 * Before you call the operation, make sure that you created a VPC firewall by calling the [CreateVpcFirewallConfigure](https://www.alibabacloud.com/help/en/cloud-firewall/latest/createvpcfirewallconfigure) operation.  
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request DescribeVpcFirewallDetailRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DescribeVpcFirewallDetailResponse
 */
async function describeVpcFirewallDetailWithOptions(request: DescribeVpcFirewallDetailRequest, runtime: Util.RuntimeOptions): DescribeVpcFirewallDetailResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.localVpcId)) {
    query['LocalVpcId'] = request.localVpcId;
  }
  if (!Util.isUnset(request.peerVpcId)) {
    query['PeerVpcId'] = request.peerVpcId;
  }
  if (!Util.isUnset(request.vpcFirewallId)) {
    query['VpcFirewallId'] = request.vpcFirewallId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DescribeVpcFirewallDetail',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries the details about a virtual private cloud (VPC) firewall. The VPC firewall controls traffic between two VPCs that are connected by using an Express Connect circuit.
 *
 * @description You can call the DescribeVpcFirewallDetail operation to query the details about a VPC firewall. The VPC firewall controls traffic between two VPCs that are connected by using an Express Connect circuit.  
 * Before you call the operation, make sure that you created a VPC firewall by calling the [CreateVpcFirewallConfigure](https://www.alibabacloud.com/help/en/cloud-firewall/latest/createvpcfirewallconfigure) operation.  
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request DescribeVpcFirewallDetailRequest
 * @return DescribeVpcFirewallDetailResponse
 */
async function describeVpcFirewallDetail(request: DescribeVpcFirewallDetailRequest): DescribeVpcFirewallDetailResponse {
  var runtime = new Util.RuntimeOptions{};
  return describeVpcFirewallDetailWithOptions(request, runtime);
}

model DescribeVpcFirewallIPSWhitelistRequest {
  lang?: string(name='Lang', description='The language of the content within the request and response.

Valid values:

*   **zh** (default): Chinese
*   **en**: English', example='zh'),
  memberUid?: long(name='MemberUid', description='The UID of the member in Cloud Firewall.', example='1766185894104675'),
  vpcFirewallId?: string(name='VpcFirewallId', description='The instance ID of the VPC firewall.

This parameter is required.', example='vfw-3547deab1c9b4190a53f'),
}

model DescribeVpcFirewallIPSWhitelistResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='B5EE02F9-4F21-56CA-AA49-F9F8D69483C1'),
  whitelists?: [ 
    {
      listType?: long(name='ListType', description='The type of the list. Valid values:

*   **1**: user-defined
*   **2**: address book', example='1'),
      listValue?: string(name='ListValue', description='The entries in the list.', example='10.10.200.4/32,10.10.200.25/32'),
      vpcFirewallId?: string(name='VpcFirewallId', description='The instance ID of the VPC firewall.', example='vfw-57431e9abe424852a578'),
      whiteListValue?: [ string ](name='WhiteListValue', description='An array of entries in the list.'),
      whiteType?: long(name='WhiteType', description='The type of the whitelist. Valid values:

*   **1**: destination
*   **2**: source', example='1'),
    }
  ](name='Whitelists', description='The details of the IPS whitelist of the VPC firewall.'),
}

model DescribeVpcFirewallIPSWhitelistResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DescribeVpcFirewallIPSWhitelistResponseBody(name='body'),
}

/**
 * @summary Queries the IPS whitelist of a virtual private cloud (VPC) firewall.
 *
 * @param request DescribeVpcFirewallIPSWhitelistRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DescribeVpcFirewallIPSWhitelistResponse
 */
async function describeVpcFirewallIPSWhitelistWithOptions(request: DescribeVpcFirewallIPSWhitelistRequest, runtime: Util.RuntimeOptions): DescribeVpcFirewallIPSWhitelistResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.memberUid)) {
    query['MemberUid'] = request.memberUid;
  }
  if (!Util.isUnset(request.vpcFirewallId)) {
    query['VpcFirewallId'] = request.vpcFirewallId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DescribeVpcFirewallIPSWhitelist',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries the IPS whitelist of a virtual private cloud (VPC) firewall.
 *
 * @param request DescribeVpcFirewallIPSWhitelistRequest
 * @return DescribeVpcFirewallIPSWhitelistResponse
 */
async function describeVpcFirewallIPSWhitelist(request: DescribeVpcFirewallIPSWhitelistRequest): DescribeVpcFirewallIPSWhitelistResponse {
  var runtime = new Util.RuntimeOptions{};
  return describeVpcFirewallIPSWhitelistWithOptions(request, runtime);
}

model DescribeVpcFirewallListRequest {
  connectSubType?: string(name='ConnectSubType', description='The sub-type of the connection. Valid values:

*   **vpc2vpc**: Express Connect connection
*   **vpcpeer**: peer connection', example='vpcpeer'),
  currentPage?: string(name='CurrentPage', description='The number of the page to return.

Pages start from page **1**. Default value: **1**.', example='1'),
  firewallSwitchStatus?: string(name='FirewallSwitchStatus', description='The status of the VPC firewall. Valid values:

*   **opened**: The VPC firewall is enabled.
*   **closed**: The VPC firewall is disabled.
*   **notconfigured**: The VPC firewall is not configured.
*   **configured**: The VPC firewall is configured.

> If you do not specify this parameter, VPC firewalls in all states are queried.', example='opened'),
  lang?: string(name='Lang', description='The language of the content within the request and response. Valid values:

*   **zh**: Chinese (default)
*   **en**: English', example='zh'),
  memberUid?: string(name='MemberUid', description='The UID of the member that is managed by your Alibaba Cloud account.', example='258039427902****'),
  pageSize?: string(name='PageSize', description='The number of entries to return on each page.

Default value: **10**. Maximum value: **50**.', example='10'),
  peerUid?: string(name='PeerUid', description='The UID of the Alibaba Cloud account to which the peer VPC belongs.', example='258039427902****'),
  regionNo?: string(name='RegionNo', description='The region ID of the VPC.

> For more information about the regions, see [Supported regions](https://help.aliyun.com/document_detail/195657.html).', example='cn-hangzhou'),
  vpcFirewallId?: string(name='VpcFirewallId', description='The instance ID of the VPC firewall.', example='vfw-m5e7dbc4y****'),
  vpcFirewallName?: string(name='VpcFirewallName', description='The instance name of the VPC firewall.', example='Test firewall'),
  vpcId?: string(name='VpcId', description='The ID of the VPC.', example='vpc-8vbwbo90rq0anm6t****'),
}

model DescribeVpcFirewallListResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='850A84D6-0DE4-4797-A1E8-00090125k8g2'),
  totalCount?: int32(name='TotalCount', description='The total number of VPC firewalls.', example='10'),
  vpcFirewalls?: [ 
    {
      aclConfig?: {
        strictMode?: int32(name='StrictMode', description='This parameter is required.'),
      }(name='AclConfig'),
      bandwidth?: int32(name='Bandwidth', description='The bandwidth of the Express Connect circuit. Unit: Mbit/s.', example='2'),
      connectSubType?: string(name='ConnectSubType', description='The sub-type of the connection. Valid values:

*   **vpc2vpc**: Express Connect connection
*   **vpcpeer**: peer connection', example='vpcpeer'),
      connectType?: string(name='ConnectType', description='The connection type of the VPC firewall. The value is fixed as **expressconnect**, which indicates an Express Connect connection.', example='expressconnect'),
      firewallSwitchStatus?: string(name='FirewallSwitchStatus', description='The status of the VPC firewall. Valid values:

*   **opened**: The VPC firewall is enabled.
*   **closed**: The VPC firewall is disabled.
*   **notconfigured**: The VPC firewall is not configured.', example='opened'),
      ipsConfig?: {
        basicRules?: int32(name='BasicRules', description='Indicates whether basic protection is enabled. Valid values:

*   **1**: yes
*   **0**: no', example='1'),
        enableAllPatch?: int32(name='EnableAllPatch', description='Indicates whether virtual patching is enabled. Valid values:

*   **1**: yes
*   **0**: no', example='1'),
        ruleClass?: int32(name='RuleClass', description='The level of the rule group for the IPS. Valid values:

*   **1**: loose
*   **2**: medium
*   **3**: strict', example='1'),
        runMode?: int32(name='RunMode', description='The mode of the IPS. Valid values:

*   **1**: block mode
*   **0**: monitor mode', example='0'),
      }(name='IpsConfig', description='The intrusion prevention system (IPS) configurations.'),
      localVpc?: {
        authorizationStatus?: string(name='AuthorizationStatus', description='Indicates whether Cloud Firewall is authorized to access the local VPC. The value is fixed as authorized, which indicates that Cloud Firewall is authorized to access the local VPC.', example='authorized'),
        ownerId?: long(name='OwnerId', description='The UID of the Alibaba Cloud account to which the local VPC belongs.', example='158039427902****'),
        regionNo?: string(name='RegionNo', description='The region ID of the local VPC.', example='cn-hangzhou'),
        vpcCidrTableList?: [ 
          {
            routeEntryList?: [ 
              {
                destinationCidr?: string(name='DestinationCidr', description='The destination CIDR block of the local VPC.', example='192.168.XX.XX/24'),
                nextHopInstanceId?: string(name='NextHopInstanceId', description='The instance ID of the next hop for the local VPC.', example='vrt-m5eb5me6c3l5sezae****'),
              }
            ](name='RouteEntryList', description='An array that consists of the route entries of the local VPC.'),
            routeTableId?: string(name='RouteTableId', description='The ID of the route table for the local VPC.', example='vtb-1234'),
          }
        ](name='VpcCidrTableList', description='An array that consists of the CIDR blocks of the local VPC.'),
        vpcId?: string(name='VpcId', description='The ID of the local VPC.', example='vpc-8vbwbo90rq0anm6t****'),
        vpcName?: string(name='VpcName', description='The name of the local VPC.', example='Test instance'),
      }(name='LocalVpc', description='The details about the local VPC.'),
      memberUid?: string(name='MemberUid', description='The UID of the member that is managed by your Alibaba Cloud account.', example='258039427902****'),
      peerVpc?: {
        authorizationStatus?: string(name='AuthorizationStatus', description='Indicates whether Cloud Firewall is authorized to access the peer VPC. The value is fixed as **authorized**, which indicates that Cloud Firewall is authorized to access the peer VPC.', example='authorized'),
        ownerId?: long(name='OwnerId', description='The UID of the Alibaba Cloud account to which the peer VPC belongs.', example='158039427902****'),
        regionNo?: string(name='RegionNo', description='The region ID of the peer VPC.', example='cn-hangzhou'),
        vpcCidrTableList?: [ 
          {
            routeEntryList?: [ 
              {
                destinationCidr?: string(name='DestinationCidr', description='The destination CIDR block of the peer VPC.', example='192.168.XX.XX/24'),
                nextHopInstanceId?: string(name='NextHopInstanceId', description='The instance ID of the next hop for the peer VPC.', example='vrt-m5eb5me6c3l5sezae****'),
              }
            ](name='RouteEntryList', description='An array that consists of the route entries of the peer VPC.'),
            routeTableId?: string(name='RouteTableId', description='The ID of the route table for the peer VPC.', example='vtb-1256'),
          }
        ](name='VpcCidrTableList', description='An array that consists of the CIDR blocks of the peer VPC.'),
        vpcId?: string(name='VpcId', description='The ID of the peer VPC.', example='vpc-8vbwbo90rq0anm6t****'),
        vpcName?: string(name='VpcName', description='The name of the peer VPC.', example='Test VPC 2'),
      }(name='PeerVpc', description='The details about the peer VPC.'),
      regionStatus?: string(name='RegionStatus', description='Indicates whether you can create a VPC firewall in a specified region. Valid values:

*   **enable**: yes
*   **disable**: no', example='enable'),
      resultCode?: string(name='ResultCode', description='The result code of the operation that creates the VPC firewall. Valid values:

*   **Unauthorized**: Cloud Firewall is not authorized to access a VPC for which the VPC firewall is created, and the VPC firewall cannot be created.
*   **RegionDisable**: VPC Firewall is not supported in the region of a VPC for which the VPC firewall is created, and the VPC firewall cannot be created.
*   **Empty string**: You can create a VPC firewall for the network instance.', example='Unauthorized'),
      vpcFirewallId?: string(name='VpcFirewallId', description='The instance ID of the VPC firewall.', example='vfw-m5e7dbc4y****'),
      vpcFirewallName?: string(name='VpcFirewallName', description='The instance name of the VPC firewall.', example='Test firewall'),
    }
  ](name='VpcFirewalls', description='The information about the VPC firewalls.'),
}

model DescribeVpcFirewallListResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DescribeVpcFirewallListResponseBody(name='body'),
}

/**
 * @summary Queries the details about virtual private cloud (VPC) firewalls by page. Each VPC firewall protects traffic between two VPCs that are connected by using an Express Connect circuit.
 *
 * @description You can call the DescribeVpcFirewallList operation to query the details about VPC firewalls by page. Each VPC firewall protects traffic between two VPCs that are connected by using an Express Connect circuit.
 * ### Limits
 * You can call this operation up to 10 times per second per account. If the number of calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request DescribeVpcFirewallListRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DescribeVpcFirewallListResponse
 */
async function describeVpcFirewallListWithOptions(request: DescribeVpcFirewallListRequest, runtime: Util.RuntimeOptions): DescribeVpcFirewallListResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.connectSubType)) {
    query['ConnectSubType'] = request.connectSubType;
  }
  if (!Util.isUnset(request.currentPage)) {
    query['CurrentPage'] = request.currentPage;
  }
  if (!Util.isUnset(request.firewallSwitchStatus)) {
    query['FirewallSwitchStatus'] = request.firewallSwitchStatus;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.memberUid)) {
    query['MemberUid'] = request.memberUid;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.peerUid)) {
    query['PeerUid'] = request.peerUid;
  }
  if (!Util.isUnset(request.regionNo)) {
    query['RegionNo'] = request.regionNo;
  }
  if (!Util.isUnset(request.vpcFirewallId)) {
    query['VpcFirewallId'] = request.vpcFirewallId;
  }
  if (!Util.isUnset(request.vpcFirewallName)) {
    query['VpcFirewallName'] = request.vpcFirewallName;
  }
  if (!Util.isUnset(request.vpcId)) {
    query['VpcId'] = request.vpcId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DescribeVpcFirewallList',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries the details about virtual private cloud (VPC) firewalls by page. Each VPC firewall protects traffic between two VPCs that are connected by using an Express Connect circuit.
 *
 * @description You can call the DescribeVpcFirewallList operation to query the details about VPC firewalls by page. Each VPC firewall protects traffic between two VPCs that are connected by using an Express Connect circuit.
 * ### Limits
 * You can call this operation up to 10 times per second per account. If the number of calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request DescribeVpcFirewallListRequest
 * @return DescribeVpcFirewallListResponse
 */
async function describeVpcFirewallList(request: DescribeVpcFirewallListRequest): DescribeVpcFirewallListResponse {
  var runtime = new Util.RuntimeOptions{};
  return describeVpcFirewallListWithOptions(request, runtime);
}

model DescribeVpcFirewallPolicyPriorUsedRequest {
  lang?: string(name='Lang', description='The language of the content within the request and response.

Valid values:

*   **zh** (default)
*   **en**', example='zh'),
  vpcFirewallId?: string(name='VpcFirewallId', description='The ID of the access control policy group. You can call the [DescribeVpcFirewallAclGroupList](https://help.aliyun.com/document_detail/159760.html) operation to query the ID.

*   If the VPC firewall is used to protect a Cloud Enterprise Network (CEN) instance, the value of this parameter is the ID of the CEN instance.

    Example: cen-ervw0g12b5jbw\\\\*\\\\*\\\\*\\\\*.

*   If the VPC firewall is used to protect an Express Connect circuit, the value of this parameter is the ID of the VPC firewall.

    Example: vfw-a42bbb7b887148c9\\\\*\\\\*\\\\*\\\\*.

This parameter is required.', example='vfw-a42bbb7b887148c9****'),
}

model DescribeVpcFirewallPolicyPriorUsedResponseBody = {
  end?: int32(name='End', description='The lowest priority for the access control policies.', example='150'),
  requestId?: string(name='RequestId', description='The request ID.', example='CBF1E9B7-D6A0-4E9E-AD3E-2B47E6C2837D'),
  start?: int32(name='Start', description='The highest priority for the access control policies.', example='1'),
}

model DescribeVpcFirewallPolicyPriorUsedResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DescribeVpcFirewallPolicyPriorUsedResponseBody(name='body'),
}

/**
 * @summary Queries the priority range of access control policies that are created for a virtual private cloud (VPC) firewall in a specific policy group.
 *
 * @description You can call this operation to query the priority range of access control policies that are created for a VPC firewall in a specific policy group.
 * ## [](#qps-)Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request DescribeVpcFirewallPolicyPriorUsedRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DescribeVpcFirewallPolicyPriorUsedResponse
 */
async function describeVpcFirewallPolicyPriorUsedWithOptions(request: DescribeVpcFirewallPolicyPriorUsedRequest, runtime: Util.RuntimeOptions): DescribeVpcFirewallPolicyPriorUsedResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.vpcFirewallId)) {
    query['VpcFirewallId'] = request.vpcFirewallId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DescribeVpcFirewallPolicyPriorUsed',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries the priority range of access control policies that are created for a virtual private cloud (VPC) firewall in a specific policy group.
 *
 * @description You can call this operation to query the priority range of access control policies that are created for a VPC firewall in a specific policy group.
 * ## [](#qps-)Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request DescribeVpcFirewallPolicyPriorUsedRequest
 * @return DescribeVpcFirewallPolicyPriorUsedResponse
 */
async function describeVpcFirewallPolicyPriorUsed(request: DescribeVpcFirewallPolicyPriorUsedRequest): DescribeVpcFirewallPolicyPriorUsedResponse {
  var runtime = new Util.RuntimeOptions{};
  return describeVpcFirewallPolicyPriorUsedWithOptions(request, runtime);
}

model DescribeVpcListLiteRequest {
  lang?: string(name='Lang', description='The language of the content within the request and response. Valid values:

*   **zh** (default): Chinese
*   **en**: English', example='zh'),
  regionNo?: string(name='RegionNo', description='The region ID of the VPC.

>  For more information about Cloud Firewall supported regions, see [Supported regions](https://help.aliyun.com/document_detail/195657.html).', example='cn-shanghai'),
  sourceIp?: string(name='SourceIp', description='The source IP address of the request.', example='58.34.174.194'),
  vpcId?: string(name='VpcId', description='The ID of the VPC.', example='vpc-8vbwbo90rq0anm6t****'),
  vpcName?: string(name='VpcName', description='The name of the VPC.', example='vpc-shanghai'),
}

model DescribeVpcListLiteResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='55E56A55-D93A-5614-AE00-BE2F8077F891'),
  vpcList?: [ 
    {
      regionNo?: string(name='RegionNo', description='The region ID of the VPC.', example='cn-hangzhou'),
      vpcId?: string(name='VpcId', description='The ID of the VPC.', example='vpc-wz9dqhljd10fk0b4eh885'),
      vpcName?: string(name='VpcName', description='The name of the VPC.', example='Cloud_Firewall_VPC'),
    }
  ](name='VpcList', description='The information about the VPCs.'),
}

model DescribeVpcListLiteResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DescribeVpcListLiteResponseBody(name='body'),
}

/**
 * @summary Queries virtual private clouds (VPCs).
 *
 * @param request DescribeVpcListLiteRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DescribeVpcListLiteResponse
 */
async function describeVpcListLiteWithOptions(request: DescribeVpcListLiteRequest, runtime: Util.RuntimeOptions): DescribeVpcListLiteResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.regionNo)) {
    query['RegionNo'] = request.regionNo;
  }
  if (!Util.isUnset(request.sourceIp)) {
    query['SourceIp'] = request.sourceIp;
  }
  if (!Util.isUnset(request.vpcId)) {
    query['VpcId'] = request.vpcId;
  }
  if (!Util.isUnset(request.vpcName)) {
    query['VpcName'] = request.vpcName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DescribeVpcListLite',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries virtual private clouds (VPCs).
 *
 * @param request DescribeVpcListLiteRequest
 * @return DescribeVpcListLiteResponse
 */
async function describeVpcListLite(request: DescribeVpcListLiteRequest): DescribeVpcListLiteResponse {
  var runtime = new Util.RuntimeOptions{};
  return describeVpcListLiteWithOptions(request, runtime);
}

model DescribeVpcZoneRequest {
  environment?: string(name='Environment', description='The environment. Valid values:

*   **VPC**
*   **TransitRouter**', example='VPC'),
  lang?: string(name='Lang', description='The language of the content within the request and response. Valid values:

*   **zh** (default): Chinese
*   **en**: English', example='zh'),
  memberUid?: string(name='MemberUid', description='The UID of the member in Cloud Firewall.', example='1415189284827022'),
  regionNo?: string(name='RegionNo', description='The region ID.

This parameter is required.', example='cn-shanghai'),
}

model DescribeVpcZoneResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='694DFBF3-C060-529F-92D0-7FC7E0DA1E21'),
  zoneList?: [ 
    {
      localName?: string(name='LocalName', description='The name of the zone.', example='Hangzhou Zone B'),
      zoneId?: string(name='ZoneId', description='The zone ID.', example='cn-hangzhou-b'),
      zoneType?: string(name='ZoneType', description='The zone type. Default value: AvailabilityZone. This value indicates Alibaba Cloud zones.', example='AvailabilityZone'),
    }
  ](name='ZoneList', description='The zones.'),
}

model DescribeVpcZoneResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DescribeVpcZoneResponseBody(name='body'),
}

/**
 * @summary Queries virtual private cloud (VPC) zones.
 *
 * @param request DescribeVpcZoneRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DescribeVpcZoneResponse
 */
async function describeVpcZoneWithOptions(request: DescribeVpcZoneRequest, runtime: Util.RuntimeOptions): DescribeVpcZoneResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.environment)) {
    query['Environment'] = request.environment;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.memberUid)) {
    query['MemberUid'] = request.memberUid;
  }
  if (!Util.isUnset(request.regionNo)) {
    query['RegionNo'] = request.regionNo;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DescribeVpcZone',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries virtual private cloud (VPC) zones.
 *
 * @param request DescribeVpcZoneRequest
 * @return DescribeVpcZoneResponse
 */
async function describeVpcZone(request: DescribeVpcZoneRequest): DescribeVpcZoneResponse {
  var runtime = new Util.RuntimeOptions{};
  return describeVpcZoneWithOptions(request, runtime);
}

model DescribeVulnerabilityProtectedListRequest {
  attackType?: string(name='AttackType', description='The attack type of the vulnerability prevention event. Valid values:

*   **1**: suspicious connection
*   **2**: command execution
*   **3**: brute-force attack
*   **4**: scanning
*   **5**: others
*   **6**: information leakage
*   **7**: DoS attack
*   **8**: buffer overflow attack
*   **9**: web attack
*   **10**: webshell
*   **11**: computer worm
*   **12**: mining
*   **13**: reverse shell

>  If you do not specify this parameter, the intrusion events of all attack types are queried.', example='13'),
  buyVersion?: long(name='BuyVersion', description='The edition of Cloud Firewall. If you use Cloud Firewall that uses the pay-as-you-go billing method, set the value to 10. You do not need to specify this parameter for other editions.', example='10'),
  currentPage?: string(name='CurrentPage', description='The number of the page to return. Default value: 1.', example='1'),
  endTime?: string(name='EndTime', description='The end of the time range to query. The value is a UNIX timestamp. Unit: seconds.

This parameter is required.', example='1646063922'),
  lang?: string(name='Lang', description='The language of the content within the response. Valid values:

*   **zh**: Chinese (default)
*   **en**: English', example='zh'),
  memberUid?: string(name='MemberUid', description='The UID of the member that is managed by your Alibaba Cloud account.', example='258039427902****'),
  order?: string(name='Order', description='The order in which you want to sort the queried information. Valid values:

*   **asc**: the ascending order.
*   **desc**: the descending order. This is the default value.', example='desc'),
  pageSize?: string(name='PageSize', description='The number of entries to return on each page. Maximum value: 50.', example='10'),
  sortKey?: string(name='SortKey', description='The sorting basis. Set the value to **attackCnt**, which indicates the number of attacks.', example='attackCnt'),
  sourceIp?: string(name='SourceIp', description='The IP address of the access source.', example='112.239.XX.XX', deprecated=true),
  startTime?: string(name='StartTime', description='The beginning of the time range to query. The value is a UNIX timestamp. Unit: seconds.

This parameter is required.', example='1655778046'),
  userType?: string(name='UserType', description='The type of the user. Set the value to **buy**, which indicates user of a paid edition of Cloud Firewall.', example='buy'),
  vulnCveName?: string(name='VulnCveName', description='The Common Vulnerabilities and Exposures (CVE) ID of the vulnerability.', example='CVE-2022-2992'),
  vulnLevel?: string(name='VulnLevel', description='The risk level of the vulnerability. Valid values:

*   **high**
*   **medium**
*   **low**', example='medium'),
  vulnResource?: string(name='VulnResource', description='The number of assets that are affected by the vulnerability.', example='1'),
  vulnStatus?: string(name='VulnStatus', description='The status of vulnerability protection. Valid values:

*   **partProtected**: partially protected
*   **protected**: protected
*   **unProtected**: unprotected', example='protected'),
  vulnType?: string(name='VulnType', description='The type of the vulnerability. Valid values:

*   **App**: application vulnerability
*   **emg**: urgent vulnerability
*   **cms**: Web-CMS vulnerability', example='emg'),
}

model DescribeVulnerabilityProtectedListResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='D355C631-1537-59C5-A56E-F6C5037B99E5'),
  totalCount?: int32(name='TotalCount', description='The total number of vulnerabilities that are detected by Cloud Firewall.', example='5'),
  vulnList?: [ 
    {
      attackCnt?: int32(name='AttackCnt', description='The number of vulnerability attacks.', example='0'),
      attackType?: int32(name='AttackType', description='The attack type of the vulnerability prevention event. Valid values:

*   **1**: suspicious connection
*   **2**: command execution
*   **3**: brute-force attack
*   **4**: scanning
*   **5**: others
*   **6**: information leakage
*   **7**: DoS attack
*   **8**: buffer overflow attack
*   **9**: web attack
*   **10**: webshell
*   **11**: computer worm
*   **12**: mining
*   **13**: reverse shell', example='13'),
      basicRuleIds?: string(name='BasicRuleIds', description='The IDs of associated basic protection policies.', example='12,12'),
      cveId?: string(name='CveId', description='The CVE IDs.', example='12112131123, 1231123112'),
      firstTime?: long(name='FirstTime', description='The time when the first attack was launched.', example='1608687364'),
      highlightTag?: int32(name='HighlightTag', description='Indicates whether you need to pay special attention to the vulnerability. Valid values:

*   **0**: no
*   **1**: yes', example='0'),
      lastTime?: long(name='LastTime', description='The time when the last attack was launched.', example='1608687364'),
      memberUid?: string(name='MemberUid', description='The UID of the member that is managed by your Alibaba Cloud account.', example='119384235299****'),
      needOpenBasicRule?: boolean(name='NeedOpenBasicRule', description='Indicates whether the basic protection policy that related to the vulnerability is enabled. Valid values:

*   **true**
*   **false**

>  If the value of this parameter is true, you must set the action of the basic protection policy related to the vulnerability to Block.', example='false'),
      needOpenBasicRuleUuids?: string(name='NeedOpenBasicRuleUuids', description='The UUIDs of the basic protection policies for which the action needs to be changed to Block.', example='UUID-1231231'),
      needOpenRunMode?: boolean(name='NeedOpenRunMode', description='Indicates whether Threat Engine Mode needs to be configured when you enable protection. Valid values:

*   **true**
*   **false**', example='true'),
      needOpenVirtualPatche?: boolean(name='NeedOpenVirtualPatche', description='Indicates whether the virtual patching policy that related to the vulnerability is enabled. Valid values:

*   **true**
*   **false**

>  If the value of this parameter is true, you must set the action of the virtual patching policy that related to the vulnerability to Block.', example='true'),
      needOpenVirtualPatcheUuids?: string(name='NeedOpenVirtualPatcheUuids', description='The UUIDs of the virtual patching policies for which the action needs to be changed to Block.', example='UUID-1231231234'),
      needRuleClass?: int32(name='NeedRuleClass', description='The type of the rule group. Valid values:

*   **1** (default): loose
*   **2**: medium
*   **3**: strict', example='1'),
      resourceCnt?: int32(name='ResourceCnt', description='The number of assets on which vulnerabilities are detected.', example='0'),
      resourceList?: [ 
        {
          eip?: string(name='Eip', description='The elastic IP address (EIP) that is associated with the instance.', example='203.107.XX.XX'),
          internetIp?: string(name='InternetIp', description='The public IP address of the instance.', example='47.96.XX.XX'),
          intranetIp?: string(name='IntranetIp', description='The private IP address of the instance.', example='192.168.XX.XX'),
          regionId?: string(name='RegionId', description='The region ID of your Cloud Firewall.

>  For more information about Cloud Firewall supported regions, see [Supported regions](https://help.aliyun.com/document_detail/195657.html).', example='cn-beijing'),
          resourceId?: string(name='ResourceId', description='The ID of the instance.', example='vfw-m5e7dbc4y****'),
          resourceName?: string(name='ResourceName', description='The name of the instance.', example='ECS'),
          resourceType?: string(name='ResourceType', description='The type of the asset. Valid values:

*   **SLB**
*   **EIP**
*   **ECS**', example='EIP'),
          vulnStatus?: string(name='VulnStatus', description='The status of the vulnerability prevention feature. Valid values:

*   **partProtected**: enabled for partial assets
*   **protected**: enabled
*   **unProtected**: disabled', example='protected'),
        }
      ](name='ResourceList', description='The assets on which the vulnerability is detected.'),
      virtualPatcheIds?: string(name='VirtualPatcheIds', description='The IDs of associated virtual patching policies.', example='13,13'),
      vulnKey?: string(name='VulnKey', description='The code of the vulnerability.', example='dedecms-archive.helper.php-vul'),
      vulnLevel?: string(name='VulnLevel', description='The risk level of the vulnerability. Valid values:

*   **high**
*   **medium**
*   **low**', example='high'),
      vulnName?: string(name='VulnName', description='The name of the vulnerability.', example='Deserialization vulnerability of arbitrary code execution in Fastjson 1.2.80 and earlier versions'),
      vulnStatus?: string(name='VulnStatus', description='The status of the vulnerability prevention feature. Valid values:

*   **partProtected**: enabled for partial assets
*   **protected**: enabled
*   **unProtected**: disabled', example='protected'),
      vulnType?: string(name='VulnType', description='The type of the vulnerability. Valid values:

*   **emg**: urgent vulnerability
*   **webcms**: Web-CMS vulnerability
*   **app**: application vulnerability', example='emg'),
    }
  ](name='VulnList', description='The vulnerabilities.'),
  zeroResourceCount?: int32(name='ZeroResourceCount', description='The number of assets on which no vulnerabilities are detected.', example='1'),
}

model DescribeVulnerabilityProtectedListResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: DescribeVulnerabilityProtectedListResponseBody(name='body'),
}

/**
 * @summary Queries the vulnerabilities that are supported by Cloud Firewall.
 *
 * @param request DescribeVulnerabilityProtectedListRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return DescribeVulnerabilityProtectedListResponse
 */
async function describeVulnerabilityProtectedListWithOptions(request: DescribeVulnerabilityProtectedListRequest, runtime: Util.RuntimeOptions): DescribeVulnerabilityProtectedListResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.attackType)) {
    query['AttackType'] = request.attackType;
  }
  if (!Util.isUnset(request.buyVersion)) {
    query['BuyVersion'] = request.buyVersion;
  }
  if (!Util.isUnset(request.currentPage)) {
    query['CurrentPage'] = request.currentPage;
  }
  if (!Util.isUnset(request.endTime)) {
    query['EndTime'] = request.endTime;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.memberUid)) {
    query['MemberUid'] = request.memberUid;
  }
  if (!Util.isUnset(request.order)) {
    query['Order'] = request.order;
  }
  if (!Util.isUnset(request.pageSize)) {
    query['PageSize'] = request.pageSize;
  }
  if (!Util.isUnset(request.sortKey)) {
    query['SortKey'] = request.sortKey;
  }
  if (!Util.isUnset(request.sourceIp)) {
    query['SourceIp'] = request.sourceIp;
  }
  if (!Util.isUnset(request.startTime)) {
    query['StartTime'] = request.startTime;
  }
  if (!Util.isUnset(request.userType)) {
    query['UserType'] = request.userType;
  }
  if (!Util.isUnset(request.vulnCveName)) {
    query['VulnCveName'] = request.vulnCveName;
  }
  if (!Util.isUnset(request.vulnLevel)) {
    query['VulnLevel'] = request.vulnLevel;
  }
  if (!Util.isUnset(request.vulnResource)) {
    query['VulnResource'] = request.vulnResource;
  }
  if (!Util.isUnset(request.vulnStatus)) {
    query['VulnStatus'] = request.vulnStatus;
  }
  if (!Util.isUnset(request.vulnType)) {
    query['VulnType'] = request.vulnType;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'DescribeVulnerabilityProtectedList',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Queries the vulnerabilities that are supported by Cloud Firewall.
 *
 * @param request DescribeVulnerabilityProtectedListRequest
 * @return DescribeVulnerabilityProtectedListResponse
 */
async function describeVulnerabilityProtectedList(request: DescribeVulnerabilityProtectedListRequest): DescribeVulnerabilityProtectedListResponse {
  var runtime = new Util.RuntimeOptions{};
  return describeVulnerabilityProtectedListWithOptions(request, runtime);
}

model ModifyAddressBookRequest {
  addressList?: string(name='AddressList', description='The addresses in the address book. Separate multiple addresses with commas (,). If you set GroupType to **ip**, **port**, or **domain**, you must specify this parameter.

*   If you set GroupType to **ip**, you must specify IP addresses for the address book. Example: 1.2.XX.XX/32,1.2.XX.XX/24.
*   If you set GroupType to **port**, you must specify port numbers or port ranges for the address book. Example: 80/80,100/200.
*   If you set GroupType to **domain**, you must specify domain names for the address book. Example: demo1.aliyun.com,demo2.aliyun.com.', example='192.0.XX.XX/32, 192.0.XX.XX/24'),
  autoAddTagEcs?: string(name='AutoAddTagEcs', description='Specifies whether to automatically add public IP addresses of Elastic Compute Service (ECS) instances to the address book if the instances match the specified tags. Valid values:

*   **1**: yes
*   **0**: no', example='1'),
  description?: string(name='Description', description='The description of the address book.

This parameter is required.', example='bj-001'),
  groupName?: string(name='GroupName', description='The name of the address book.

This parameter is required.', example='bj-001'),
  groupUuid?: string(name='GroupUuid', description='The ID of the address book.

>  To modify the address book, you must provide the ID of the address book. You can call the [DescribeAddressBook](https://help.aliyun.com/document_detail/138869.html) operation to query the ID.

This parameter is required.', example='0657ab9d-fe8b-4174-b2a6-6baf358e****'),
  lang?: string(name='Lang', description='The language of the content within the request and response. Valid values:

*   **zh**: Chinese (default)
*   **en**: English', example='zh'),
  modifyMode?: string(name='ModifyMode', description='Modification mode with the following values:

- **Cover**: Use the value of the AddressList parameter to overwrite the original address book.
- **Append**: After the original address book, append addresses using the value of the AddressList parameter.
- **Delete**: Delete addresses using the value of the AddressList parameter from the address book.

>When GroupType is **ip**, **ipv6**, **port**, or **domain**, if this parameter is not configured, the default is to use the **Cover** method to modify the address book.
>Notice: When GroupType is **tag**, this parameter must be empty.</notice>', example='Cover'),
  sourceIp?: string(name='SourceIp', description='The source IP address of the request.', example='192.0.XX.XX', deprecated=true),
  tagList?: [ 
    {
      tagKey?: string(name='TagKey', description='The key of ECS tag N that you want to match.', example='TXY'),
      tagValue?: string(name='TagValue', description='The value of ECS tag N that you want to match.', example='1'),
    }
  ](name='TagList', description='The ECS tags that you want to match.'),
  tagRelation?: string(name='TagRelation', description='The logical relationship among ECS tags. Valid values:

*   **and**: Only the public IP addresses of ECS instances that match all the specified tags can be added to the address book.
*   **or**: The public IP addresses of ECS instances that match one of the specified tags can be added to the address book.', example='and'),
}

model ModifyAddressBookResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='CBF1E9B7-D6A0-4E9E-AD3E-2B47E6C2837D'),
}

model ModifyAddressBookResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ModifyAddressBookResponseBody(name='body'),
}

/**
 * @summary Modifies the address book that is specified in an access control policy.
 *
 * @description You can call the ModifyAddressBook operation to modify the address book that is configured for access control.  
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request ModifyAddressBookRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ModifyAddressBookResponse
 */
async function modifyAddressBookWithOptions(request: ModifyAddressBookRequest, runtime: Util.RuntimeOptions): ModifyAddressBookResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.addressList)) {
    query['AddressList'] = request.addressList;
  }
  if (!Util.isUnset(request.autoAddTagEcs)) {
    query['AutoAddTagEcs'] = request.autoAddTagEcs;
  }
  if (!Util.isUnset(request.description)) {
    query['Description'] = request.description;
  }
  if (!Util.isUnset(request.groupName)) {
    query['GroupName'] = request.groupName;
  }
  if (!Util.isUnset(request.groupUuid)) {
    query['GroupUuid'] = request.groupUuid;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.modifyMode)) {
    query['ModifyMode'] = request.modifyMode;
  }
  if (!Util.isUnset(request.sourceIp)) {
    query['SourceIp'] = request.sourceIp;
  }
  if (!Util.isUnset(request.tagList)) {
    query['TagList'] = request.tagList;
  }
  if (!Util.isUnset(request.tagRelation)) {
    query['TagRelation'] = request.tagRelation;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ModifyAddressBook',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Modifies the address book that is specified in an access control policy.
 *
 * @description You can call the ModifyAddressBook operation to modify the address book that is configured for access control.  
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request ModifyAddressBookRequest
 * @return ModifyAddressBookResponse
 */
async function modifyAddressBook(request: ModifyAddressBookRequest): ModifyAddressBookResponse {
  var runtime = new Util.RuntimeOptions{};
  return modifyAddressBookWithOptions(request, runtime);
}

model ModifyControlPolicyRequest {
  aclAction?: string(name='AclAction', description='The action that Cloud Firewall performs on the traffic. Valid values:

*   **accept**: allows the traffic.
*   **drop**: denies the traffic.
*   **log**: monitors the traffic.', example='accept'),
  aclUuid?: string(name='AclUuid', description='The UUID of the access control policy.

>  To modify an access control policy, you must specify the UUID of the policy. You can call the [DescribeControlPolicy](https://help.aliyun.com/document_detail/138866.html) interface to query the UUID.

This parameter is required.', example='00281255-d220-4db1-8f4f-c4df221ad84c'),
  applicationName?: string(name='ApplicationName', description='The type of the application that the access control policy supports. Valid values:

*   **ANY**
*   **HTTP**
*   **HTTPS**
*   **MySQL**
*   **SMTP**
*   **SMTPS**
*   **RDP**
*   **VNC**
*   **SSH**
*   **Redis**
*   **MQTT**
*   **MongoDB**
*   **Memcache**
*   **SSL**

>  The value **ANY** indicates all types of applications.

>  You must specify one of the ApplicationNameList and ApplicationName parameters. If you configure both ApplicationNameList and ApplicationName, only the value of ApplicationNameList is used.', example='HTTP', deprecated=true),
  applicationNameList?: [ string ](name='ApplicationNameList', description='The application names.

>  You must specify one of the ApplicationNameList and ApplicationName parameters. If you configure both ApplicationNameList and ApplicationName, only the value of ApplicationNameList is used.'),
  description?: string(name='Description', description='The description of the access control policy.', example='test'),
  destPort?: string(name='DestPort', description='The destination port in the access control policy.', example='80'),
  destPortGroup?: string(name='DestPortGroup', description='The name of the destination port address book in the access control policy.', example='my_port_group'),
  destPortType?: string(name='DestPortType', description='The type of the destination port in the access control policy. Valid values:

*   **port**: port
*   **group**: port address book', example='port'),
  destination?: string(name='Destination', description='The destination address in the access control policy.

*   If **DestinationType** is set to net, the value of **Destination** is a CIDR block. Example: 1.2.XX.XX/24.
*   If **DestinationType** is set to group, the value of **Destination** is an address book. Example: db_group.
*   If **DestinationType** is set to domain, the value of **Destination** is a domain name. Example: \\\\*.aliyuncs.com.
*   If **DestinationType** is set to location, the value of **Destination** is a location. For more information about the location codes, see the "AddControlPolicy" topic. Example: ["BJ11", "ZB"].', example='192.0.XX.XX/24'),
  destinationType?: string(name='DestinationType', description='The type of the destination address in the access control policy. Valid values:

*   **net**: CIDR block
*   **group**: address book
*   **domain**: domain name
*   **location**: location', example='net'),
  direction?: string(name='Direction', description='The direction of the traffic to which the access control policy applies. Valid values:

*   **in**: inbound traffic
*   **out**: outbound traffic', example='in'),
  domainResolveType?: string(name='DomainResolveType', description='The domain name resolution method of the access control policy. By default, an access control policy is enabled after the policy is created. Valid values:

* **FQDN**: fully qualified domain name (FQDN)-based resolution
* **DNS**: DNS-based dynamic resolution
* **FQDN_AND_DNS**: FQDN and DNS-based dynamic resolution', example='FQDN'),
  endTime?: long(name='EndTime', description='The time when the access control policy stops taking effect. The value is a UNIX timestamp. Unit: seconds. The value must be on the hour or on the half hour, and at least 30 minutes later than the value of StartTime.

>  If you set RepeatType to Permanent, leave this parameter empty. If you set RepeatType to None, Daily, Weekly, or Monthly, you must specify this parameter.', example='1694764800'),
  lang?: string(name='Lang', description='The language of the content within the request and the response. Valid values:

*   **zh**: Chinese (default)
*   **en**: English', example='zh'),
  proto?: string(name='Proto', description='The protocol type that the access control policy supports. Valid values:

*   **ANY**
*   **TCP**
*   **UDP**
*   **ICMP**

>  The value **ANY** indicates all types of applications.

>  If the traffic direction is outbound and the destination address is a threat intelligence address book of the domain name type or a cloud service address book, you can set Proto to TCP or ANY. If you set Proto to TCP, you can set ApplicationName to HTTP, HTTPS, SMTP, SMTPS, and SSL. If you set Proto to ANY, you can set ApplicationName to ANY.', example='TCP'),
  release?: string(name='Release', description='The status of the access control policy. Valid values:

*   true: enabled
*   false: disabled', example='true'),
  repeatDays?: [ long ](name='RepeatDays', description='The days of a week or of a month on which the access control policy takes effect.

*   If you set RepeatType to `Permanent`, `None`, or `Daily`, the value of this parameter is an empty array. Example: []
*   If you set RepeatType to Weekly, you must specify this parameter. Example: [0, 6]

>  If you set RepeatType to Weekly, the fields in the value of this parameter cannot be repeated.

*   If you set RepeatType to `Monthly`, you must specify this parameter. Example: [1, 31]

>  If you set RepeatType to Monthly, the fields in the value of this parameter cannot be repeated.'),
  repeatEndTime?: string(name='RepeatEndTime', description='The point in time when the recurrence ends. Example: 23:30. The value must be on the hour or on the half hour, and at least 30 minutes later than the value of RepeatStartTime.

>  If you set RepeatType to Permanent or None, leave this parameter empty. If you set RepeatType to Daily, Weekly, or Monthly, you must specify this parameter.', example='23:30'),
  repeatStartTime?: string(name='RepeatStartTime', description='The point in time when the recurrence starts. Example: 08:00. The value must be on the hour or on the half hour, and at least 30 minutes earlier than the value of RepeatEndTime.

>  If you set RepeatType to Permanent or None, leave this parameter empty. If you set RepeatType to Daily, Weekly, or Monthly, you must specify this parameter.', example='08:00'),
  repeatType?: string(name='RepeatType', description='The recurrence type for the access control policy to take effect. Valid values:

*   **Permanent** (default): The policy always takes effect.
*   **None**: The policy takes effect for only once.
*   **Daily**: The policy takes effect on a daily basis.
*   **Weekly**: The policy takes effect on a weekly basis.
*   **Monthly**: The policy takes effect on a monthly basis.', example='Permanent'),
  source?: string(name='Source', description='The source address in the access control policy.

*   If **SourceType** is set to net, the value of **Source** is a CIDR block. Example: 1.2.XX.XX/24.
*   If **SourceType** is set to group, the value of **Source** is an address book. Example: db_group.
*   If **SourceType** is set to location, the value of **Source** is a location. For more information about the location codes, see the "AddControlPolicy" topic. Example: ["BJ11", "ZB"]', example='192.0.XX.XX/24'),
  sourceType?: string(name='SourceType', description='The type of the source address in the access control policy. Valid values:

*   **net**: CIDR block
*   **group**: address book
*   **location**: location', example='net'),
  startTime?: long(name='StartTime', description='The time when the access control policy starts to take effect. The value is a UNIX timestamp. Unit: seconds. The value must be on the hour or on the half hour, and at least 30 minutes earlier than the value of EndTime.

>  If you set RepeatType to Permanent, leave this parameter empty. If you set RepeatType to None, Daily, Weekly, or Monthly, you must specify this parameter.', example='1694761200'),
}

model ModifyControlPolicyResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='CBF1E9B7-D6A0-4E9E-AD3E-2B47E6C2837D'),
}

model ModifyControlPolicyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ModifyControlPolicyResponseBody(name='body'),
}

/**
 * @summary Modifies the configurations of an access control policy.
 *
 * @description You can call this operation to modify the configurations of an access control policy. The policy allows Cloud Firewall to allow, deny, or monitor the traffic that passes through Cloud Firewall.
 * ## [](#qps)Limit
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request ModifyControlPolicyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ModifyControlPolicyResponse
 */
async function modifyControlPolicyWithOptions(request: ModifyControlPolicyRequest, runtime: Util.RuntimeOptions): ModifyControlPolicyResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.aclAction)) {
    query['AclAction'] = request.aclAction;
  }
  if (!Util.isUnset(request.aclUuid)) {
    query['AclUuid'] = request.aclUuid;
  }
  if (!Util.isUnset(request.applicationName)) {
    query['ApplicationName'] = request.applicationName;
  }
  if (!Util.isUnset(request.applicationNameList)) {
    query['ApplicationNameList'] = request.applicationNameList;
  }
  if (!Util.isUnset(request.description)) {
    query['Description'] = request.description;
  }
  if (!Util.isUnset(request.destPort)) {
    query['DestPort'] = request.destPort;
  }
  if (!Util.isUnset(request.destPortGroup)) {
    query['DestPortGroup'] = request.destPortGroup;
  }
  if (!Util.isUnset(request.destPortType)) {
    query['DestPortType'] = request.destPortType;
  }
  if (!Util.isUnset(request.destination)) {
    query['Destination'] = request.destination;
  }
  if (!Util.isUnset(request.destinationType)) {
    query['DestinationType'] = request.destinationType;
  }
  if (!Util.isUnset(request.direction)) {
    query['Direction'] = request.direction;
  }
  if (!Util.isUnset(request.domainResolveType)) {
    query['DomainResolveType'] = request.domainResolveType;
  }
  if (!Util.isUnset(request.endTime)) {
    query['EndTime'] = request.endTime;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.proto)) {
    query['Proto'] = request.proto;
  }
  if (!Util.isUnset(request.release)) {
    query['Release'] = request.release;
  }
  if (!Util.isUnset(request.repeatDays)) {
    query['RepeatDays'] = request.repeatDays;
  }
  if (!Util.isUnset(request.repeatEndTime)) {
    query['RepeatEndTime'] = request.repeatEndTime;
  }
  if (!Util.isUnset(request.repeatStartTime)) {
    query['RepeatStartTime'] = request.repeatStartTime;
  }
  if (!Util.isUnset(request.repeatType)) {
    query['RepeatType'] = request.repeatType;
  }
  if (!Util.isUnset(request.source)) {
    query['Source'] = request.source;
  }
  if (!Util.isUnset(request.sourceType)) {
    query['SourceType'] = request.sourceType;
  }
  if (!Util.isUnset(request.startTime)) {
    query['StartTime'] = request.startTime;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ModifyControlPolicy',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Modifies the configurations of an access control policy.
 *
 * @description You can call this operation to modify the configurations of an access control policy. The policy allows Cloud Firewall to allow, deny, or monitor the traffic that passes through Cloud Firewall.
 * ## [](#qps)Limit
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request ModifyControlPolicyRequest
 * @return ModifyControlPolicyResponse
 */
async function modifyControlPolicy(request: ModifyControlPolicyRequest): ModifyControlPolicyResponse {
  var runtime = new Util.RuntimeOptions{};
  return modifyControlPolicyWithOptions(request, runtime);
}

model ModifyControlPolicyPositionRequest {
  direction?: string(name='Direction', description='The direction of the traffic to which the IPv4 access control policy applies. Valid values:

*   in: inbound traffic
*   out: outbound traffic

This parameter is required.', example='in'),
  lang?: string(name='Lang', description='The language of the content within the response. Valid values:

*   zh: Chinese (default)
*   en: English', example='zh'),
  newOrder?: string(name='NewOrder', description='The new priority of the IPv4 access control policy. You must specify a numeric value for this parameter. The value 1 indicates the highest priority. A larger value indicates a lower priority.

>  The new priority cannot exceed the priority range of the IPv4 access control policy. Otherwise, an error occurs when you call this operation. Before you call this operation, we recommend that you use the [DescribePolicyPriorUsed](https://help.aliyun.com/document_detail/138862.html) operation to query the priority range of the IPv4 access control policy in the specified direction.

This parameter is required.', example='1'),
  oldOrder?: string(name='OldOrder', description='The original priority of the IPv4 access control policy.

This parameter is required.', example='5'),
  sourceIp?: string(name='SourceIp', description='The source IP address of the request.', example='192.0.XX.XX', deprecated=true),
}

model ModifyControlPolicyPositionResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='850A84D6-0DE4-4797-A1E8-00090125EEB1'),
}

model ModifyControlPolicyPositionResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ModifyControlPolicyPositionResponseBody(name='body'),
}

/**
 * @summary Modifies the priority of an IPv4 access control policy for the Internet firewall. An IPv4 access control policy refers to a policy whose source IP address and destination IP address are IPv4 addresses.
 *
 * @description You can use this operation to modify the priority of an IPv4 access control policy for the Internet firewall. No API operations are provided for you to modify the priority of an IPv6 access control policy for the Internet firewall.
 * ## [](#qps)Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request ModifyControlPolicyPositionRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ModifyControlPolicyPositionResponse
 */
async function modifyControlPolicyPositionWithOptions(request: ModifyControlPolicyPositionRequest, runtime: Util.RuntimeOptions): ModifyControlPolicyPositionResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.direction)) {
    query['Direction'] = request.direction;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.newOrder)) {
    query['NewOrder'] = request.newOrder;
  }
  if (!Util.isUnset(request.oldOrder)) {
    query['OldOrder'] = request.oldOrder;
  }
  if (!Util.isUnset(request.sourceIp)) {
    query['SourceIp'] = request.sourceIp;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ModifyControlPolicyPosition',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Modifies the priority of an IPv4 access control policy for the Internet firewall. An IPv4 access control policy refers to a policy whose source IP address and destination IP address are IPv4 addresses.
 *
 * @description You can use this operation to modify the priority of an IPv4 access control policy for the Internet firewall. No API operations are provided for you to modify the priority of an IPv6 access control policy for the Internet firewall.
 * ## [](#qps)Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request ModifyControlPolicyPositionRequest
 * @return ModifyControlPolicyPositionResponse
 */
async function modifyControlPolicyPosition(request: ModifyControlPolicyPositionRequest): ModifyControlPolicyPositionResponse {
  var runtime = new Util.RuntimeOptions{};
  return modifyControlPolicyPositionWithOptions(request, runtime);
}

model ModifyDefaultIPSConfigRequest {
  basicRules?: int32(name='BasicRules', description='Specifies whether to enable basic protection. Valid values:

*   **1**: yes
*   **0**: no', example='1'),
  ctiRules?: int32(name='CtiRules', description='Specifies whether to enable threat intelligence. Valid values:

*   **1**: yes
*   **0**: no', example='0'),
  lang?: string(name='Lang', description='The language of the content within the request and response. Valid values:

*   **zh** (default)
*   **en**', example='zh'),
  maxSdl?: long(name='MaxSdl', description='The maximum amount of traffic that can be processed by the sensitive data leak detection feature each day.', example='100'),
  patchRules?: int32(name='PatchRules', description='Specifies whether to enable virtual patching. Valid values:

*   **1**: yes
*   **0**: no', example='1'),
  ruleClass?: int32(name='RuleClass', description='The level of the rule group for the IPS. Valid values:

*   **1**: loose
*   **2**: medium
*   **3**: strict', example='1'),
  runMode?: int32(name='RunMode', description='The mode of the IPS. Valid values:

*   **1**: block mode
*   **0**: monitor mode

This parameter is required.', example='0'),
}

model ModifyDefaultIPSConfigResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='65885B52-00EC-5728-96******'),
}

model ModifyDefaultIPSConfigResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ModifyDefaultIPSConfigResponseBody(name='body'),
}

/**
 * @summary Modifies the default configuration of the intrusion prevention system (IPS).
 *
 * @param request ModifyDefaultIPSConfigRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ModifyDefaultIPSConfigResponse
 */
async function modifyDefaultIPSConfigWithOptions(request: ModifyDefaultIPSConfigRequest, runtime: Util.RuntimeOptions): ModifyDefaultIPSConfigResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.basicRules)) {
    query['BasicRules'] = request.basicRules;
  }
  if (!Util.isUnset(request.ctiRules)) {
    query['CtiRules'] = request.ctiRules;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.maxSdl)) {
    query['MaxSdl'] = request.maxSdl;
  }
  if (!Util.isUnset(request.patchRules)) {
    query['PatchRules'] = request.patchRules;
  }
  if (!Util.isUnset(request.ruleClass)) {
    query['RuleClass'] = request.ruleClass;
  }
  if (!Util.isUnset(request.runMode)) {
    query['RunMode'] = request.runMode;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ModifyDefaultIPSConfig',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Modifies the default configuration of the intrusion prevention system (IPS).
 *
 * @param request ModifyDefaultIPSConfigRequest
 * @return ModifyDefaultIPSConfigResponse
 */
async function modifyDefaultIPSConfig(request: ModifyDefaultIPSConfigRequest): ModifyDefaultIPSConfigResponse {
  var runtime = new Util.RuntimeOptions{};
  return modifyDefaultIPSConfigWithOptions(request, runtime);
}

model ModifyFirewallV2RoutePolicySwitchRequest {
  firewallId?: string(name='FirewallId', description='The instance ID of the virtual private cloud (VPC) firewall.', example='vfw-tr-5b202e7f0be64611****'),
  lang?: string(name='Lang', description='The language of the content within the response. Valid values:

*   **zh** (default): Chinese
*   **en**: English', example='zh'),
  shouldRecover?: string(name='ShouldRecover', description='Specifies whether to restore the traffic redirection configurations. Valid values:

*   true: roll back
*   false: withdraw', example='false'),
  trFirewallRoutePolicyId?: string(name='TrFirewallRoutePolicyId', description='The ID of the routing policy.', example='policy-93684cc5caa44b2e****'),
  trFirewallRoutePolicySwitchStatus?: string(name='TrFirewallRoutePolicySwitchStatus', description='The status of the routing policy. Valid values:

*   open: enabled
*   close: disabled', example='open'),
}

model ModifyFirewallV2RoutePolicySwitchResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='1F6D4A8D-EC01-5996-A61A-AA3B56490C00'),
}

model ModifyFirewallV2RoutePolicySwitchResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ModifyFirewallV2RoutePolicySwitchResponseBody(name='body'),
}

/**
 * @summary Modifies the status of a routing policy.
 *
 * @param request ModifyFirewallV2RoutePolicySwitchRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ModifyFirewallV2RoutePolicySwitchResponse
 */
async function modifyFirewallV2RoutePolicySwitchWithOptions(request: ModifyFirewallV2RoutePolicySwitchRequest, runtime: Util.RuntimeOptions): ModifyFirewallV2RoutePolicySwitchResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.firewallId)) {
    query['FirewallId'] = request.firewallId;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.shouldRecover)) {
    query['ShouldRecover'] = request.shouldRecover;
  }
  if (!Util.isUnset(request.trFirewallRoutePolicyId)) {
    query['TrFirewallRoutePolicyId'] = request.trFirewallRoutePolicyId;
  }
  if (!Util.isUnset(request.trFirewallRoutePolicySwitchStatus)) {
    query['TrFirewallRoutePolicySwitchStatus'] = request.trFirewallRoutePolicySwitchStatus;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ModifyFirewallV2RoutePolicySwitch',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Modifies the status of a routing policy.
 *
 * @param request ModifyFirewallV2RoutePolicySwitchRequest
 * @return ModifyFirewallV2RoutePolicySwitchResponse
 */
async function modifyFirewallV2RoutePolicySwitch(request: ModifyFirewallV2RoutePolicySwitchRequest): ModifyFirewallV2RoutePolicySwitchResponse {
  var runtime = new Util.RuntimeOptions{};
  return modifyFirewallV2RoutePolicySwitchWithOptions(request, runtime);
}

model ModifyInstanceMemberAttributesRequest {
  members?: [ 
    {
      memberDesc?: string(name='MemberDesc', description='The remarks of the member in Cloud Firewall.

This parameter is required.', example='renewal'),
      memberUid?: long(name='MemberUid', description='The UID of the member in Cloud Firewall.

This parameter is required.', example='123412341234****'),
    }
  ](name='Members', description='The members that to be modified.

This parameter is required.'),
}

model ModifyInstanceMemberAttributesResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='AB74E747-BA5C-492C-87DD-CEA67FCFFFE5'),
}

model ModifyInstanceMemberAttributesResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ModifyInstanceMemberAttributesResponseBody(name='body'),
}

/**
 * @summary Updates the information about members in Cloud Firewall.
 *
 * @description You can call the ModifyInstanceMemberAttributes operation to update the information about members in Cloud Firewall.  
 * ## Limits
 * You can call this operation up to 10 times per second for each account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request ModifyInstanceMemberAttributesRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ModifyInstanceMemberAttributesResponse
 */
async function modifyInstanceMemberAttributesWithOptions(request: ModifyInstanceMemberAttributesRequest, runtime: Util.RuntimeOptions): ModifyInstanceMemberAttributesResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.members)) {
    query['Members'] = request.members;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ModifyInstanceMemberAttributes',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Updates the information about members in Cloud Firewall.
 *
 * @description You can call the ModifyInstanceMemberAttributes operation to update the information about members in Cloud Firewall.  
 * ## Limits
 * You can call this operation up to 10 times per second for each account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request ModifyInstanceMemberAttributesRequest
 * @return ModifyInstanceMemberAttributesResponse
 */
async function modifyInstanceMemberAttributes(request: ModifyInstanceMemberAttributesRequest): ModifyInstanceMemberAttributesResponse {
  var runtime = new Util.RuntimeOptions{};
  return modifyInstanceMemberAttributesWithOptions(request, runtime);
}

model ModifyNatFirewallControlPolicyRequest {
  aclAction?: string(name='AclAction', description='The action that Cloud Firewall performs on the traffic. Valid values:

*   **accept**: allows the traffic.
*   **drop**: denies the traffic.
*   **log**: monitors the traffic.', example='log'),
  aclUuid?: string(name='AclUuid', description='The UUID of the access control policy.

To modify the configurations of an access control policy, you must provide the UUID of the policy. You can call the DescribeNatFirewallControlPolicy operation to query the UUIDs of access control policies.

This parameter is required.', example='61ab1c02-926a-4d1b-9ef7-595eed8c4226'),
  applicationNameList?: [ string ](name='ApplicationNameList', description='The name of the application.'),
  description?: string(name='Description', description='The description of the access control policy. Fuzzy match is supported.

> If you do not specify this parameter, the descriptions of all policies are queried.', example='test'),
  destPort?: string(name='DestPort', description='The destination port in the access control policy.

> If **DestPortType** is set to `port`, you must specify this parameter.', example='80'),
  destPortGroup?: string(name='DestPortGroup', description='The name of the destination port address book in the access control policy.', example='my_dest_port_group'),
  destPortType?: string(name='DestPortType', description='The type of the destination port in the access control policy. Valid values:

*   **port**: port
*   **group**: port address book', example='port'),
  destination?: string(name='Destination', description='The destination address in the access control policy.

*   If **DestinationType** is set to net, the value of **Destination** is a CIDR block. Example: 1.2.3.4/24
*   If **DestinationType** is set to group, the value of **Destination** is an address book. Example: db_group
*   If **DestinationType** is set to domain, the value of **Destination** is a domain name. Example: \\\\*.aliyuncs.com
*   If **DestinationType** is set to location, the value of **Destination** is a location. For more information about the location codes, see the "AddControlPolicy" topic. Example: ["BJ11", "ZB"]', example='x.x.x.x/32'),
  destinationType?: string(name='DestinationType', description='The type of the destination address in the access control policy. Valid values:

*   **net**: CIDR block
*   **group**: address book
*   **domain**: domain name
*   **location**: destination location', example='net'),
  direction?: string(name='Direction', description='The direction of the traffic to which the access control policy applies. Valid value:

*   **out**: outbound.', example='out'),
  domainResolveType?: string(name='DomainResolveType', description='The domain name resolution method of the access control policy. Valid values:

*   **0**: Fully qualified domain name (FQDN)-based resolution
*   **1**: Domain Name System (DNS)-based dynamic resolution
*   **2**: FQDN and DNS-based dynamic resolution', example='0'),
  endTime?: long(name='EndTime', description='The time when the access control policy stops taking effect. The value is a UNIX timestamp. Unit: seconds. The value must be on the hour or on the half hour, and at least 30 minutes later than the value of StartTime.

>  If RepeatType is set to Permanent, EndTime is left empty. If RepeatType is set to None, Daily, Weekly, or Monthly, EndTime must be specified.', example='1694764800'),
  lang?: string(name='Lang', description='The language of the content within the request and the response. Valid values:

*   **zh**: Chinese (default)
*   **en**: English', example='zh'),
  natGatewayId?: string(name='NatGatewayId', description='The ID of the NAT gateway.

This parameter is required.', example='ngw-xxxxxx'),
  proto?: string(name='Proto', description='The protocol type in the access control policy. Valid values:

*   **ANY**
*   **TCP**
*   **UDP**
*   **ICMP**

>  The value **ANY** indicates all types of applications.

>  If the destination address type is a threat intelligence address book of the domain name type or a cloud service address book, you can set Proto to TCP. If you set Proto to TCP, you can set application types to HTTP, HTTPS, SMTP, SMTPS, and SSL.', example='TCP'),
  release?: string(name='Release', description='The status of the access control policy. Valid values:

*   **true**: enabled
*   **false**: disabled', example='true'),
  repeatDays?: [ long ](name='RepeatDays', description='The days of a week or of a month on which the access control policy takes effect.

*   If RepeatType is set to `Permanent`, `None`, or `Daily`, RepeatDays is left empty. Example: [].
*   If RepeatType is set to Weekly, RepeatDays must be specified. Example: [0, 6].

>  If RepeatType is set to Weekly, the fields in the value of RepeatDays cannot be repeated.

*   If RepeatType is set to `Monthly`, RepeatDays must be specified. Example: [1, 31].

>  If RepeatType is set to Monthly, the fields in the value of RepeatDays cannot be repeated.'),
  repeatEndTime?: string(name='RepeatEndTime', description='The point in time when the recurrence ends. Example: 23:30. The value must be on the hour or on the half hour, and at least 30 minutes later than the value of RepeatStartTime.

>  If RepeatType is set to Permanent or None, RepeatEndTime is left empty. If RepeatType is set to Daily, Weekly, or Monthly, RepeatEndTime must be specified.', example='23:30'),
  repeatStartTime?: string(name='RepeatStartTime', description='The point in time when the recurrence starts. Example: 08:00. The value must be on the hour or on the half hour, and at least 30 minutes earlier than the value of RepeatEndTime.

>  If RepeatType is set to Permanent or None, RepeatStartTime is left empty. If RepeatType is set to Daily, Weekly, or Monthly, this parameter must be specified.', example='08:00'),
  repeatType?: string(name='RepeatType', description='The recurrence type for the access control policy to take effect. Valid values:

*   **Permanent** (default): The policy always takes effect.
*   **None**: The policy takes effect for only once.
*   **Daily**: The policy takes effect on a daily basis.
*   **Weekly**: The policy takes effect on a weekly basis.
*   **Monthly**: The policy takes effect on a monthly basis.', example='Permanent'),
  source?: string(name='Source', description='The source address in the access control policy. Valid values:

*   If **SourceType** is set to `net`, the value of this parameter is a CIDR block. Example: 10.2.XX.XX/24.
*   If **SourceType** is set to `group`, the value of this parameter is an address book name. Example: db_group.', example='192.168.0.25/32'),
  sourceType?: string(name='SourceType', description='The type of the source address in the access control policy. Valid values:

*   **net**: CIDR block
*   **group**: address book', example='net'),
  startTime?: long(name='StartTime', description='The time when the access control policy starts to take effect. The value is a UNIX timestamp. Unit: seconds. The value must be on the hour or on the half hour, and at least 30 minutes earlier than the value of EndTime.

>  If RepeatType is set to Permanent, StartTime is left empty. If RepeatType is set to None, Daily, Weekly, or Monthly, StartTime must be specified.', example='1694761200'),
}

model ModifyNatFirewallControlPolicyResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='3868197C-E6E8-52CD-8358-05E3308430E2'),
}

model ModifyNatFirewallControlPolicyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ModifyNatFirewallControlPolicyResponseBody(name='body'),
}

/**
 * @summary Modifies the configurations of an access control policy that is created for a NAT firewall.
 *
 * @description You can use this operation to modify the configurations of an access control policy. The policy is used to allow, deny, or monitor traffic that reaches a NAT firewall.
 *
 * @param request ModifyNatFirewallControlPolicyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ModifyNatFirewallControlPolicyResponse
 */
async function modifyNatFirewallControlPolicyWithOptions(request: ModifyNatFirewallControlPolicyRequest, runtime: Util.RuntimeOptions): ModifyNatFirewallControlPolicyResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.aclAction)) {
    query['AclAction'] = request.aclAction;
  }
  if (!Util.isUnset(request.aclUuid)) {
    query['AclUuid'] = request.aclUuid;
  }
  if (!Util.isUnset(request.applicationNameList)) {
    query['ApplicationNameList'] = request.applicationNameList;
  }
  if (!Util.isUnset(request.description)) {
    query['Description'] = request.description;
  }
  if (!Util.isUnset(request.destPort)) {
    query['DestPort'] = request.destPort;
  }
  if (!Util.isUnset(request.destPortGroup)) {
    query['DestPortGroup'] = request.destPortGroup;
  }
  if (!Util.isUnset(request.destPortType)) {
    query['DestPortType'] = request.destPortType;
  }
  if (!Util.isUnset(request.destination)) {
    query['Destination'] = request.destination;
  }
  if (!Util.isUnset(request.destinationType)) {
    query['DestinationType'] = request.destinationType;
  }
  if (!Util.isUnset(request.direction)) {
    query['Direction'] = request.direction;
  }
  if (!Util.isUnset(request.domainResolveType)) {
    query['DomainResolveType'] = request.domainResolveType;
  }
  if (!Util.isUnset(request.endTime)) {
    query['EndTime'] = request.endTime;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.natGatewayId)) {
    query['NatGatewayId'] = request.natGatewayId;
  }
  if (!Util.isUnset(request.proto)) {
    query['Proto'] = request.proto;
  }
  if (!Util.isUnset(request.release)) {
    query['Release'] = request.release;
  }
  if (!Util.isUnset(request.repeatDays)) {
    query['RepeatDays'] = request.repeatDays;
  }
  if (!Util.isUnset(request.repeatEndTime)) {
    query['RepeatEndTime'] = request.repeatEndTime;
  }
  if (!Util.isUnset(request.repeatStartTime)) {
    query['RepeatStartTime'] = request.repeatStartTime;
  }
  if (!Util.isUnset(request.repeatType)) {
    query['RepeatType'] = request.repeatType;
  }
  if (!Util.isUnset(request.source)) {
    query['Source'] = request.source;
  }
  if (!Util.isUnset(request.sourceType)) {
    query['SourceType'] = request.sourceType;
  }
  if (!Util.isUnset(request.startTime)) {
    query['StartTime'] = request.startTime;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ModifyNatFirewallControlPolicy',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Modifies the configurations of an access control policy that is created for a NAT firewall.
 *
 * @description You can use this operation to modify the configurations of an access control policy. The policy is used to allow, deny, or monitor traffic that reaches a NAT firewall.
 *
 * @param request ModifyNatFirewallControlPolicyRequest
 * @return ModifyNatFirewallControlPolicyResponse
 */
async function modifyNatFirewallControlPolicy(request: ModifyNatFirewallControlPolicyRequest): ModifyNatFirewallControlPolicyResponse {
  var runtime = new Util.RuntimeOptions{};
  return modifyNatFirewallControlPolicyWithOptions(request, runtime);
}

model ModifyNatFirewallControlPolicyPositionRequest {
  aclUuid?: string(name='AclUuid', description='The UUID of the access control policy.

This parameter is required.', example='66961eea-e659-4225-84c9-9b6da76ec401'),
  direction?: string(name='Direction', description='The direction of the traffic to which the access control policy applies.

*   Set the value to **out**.', example='out'),
  lang?: string(name='Lang', description='The language of the content within the response. Valid values:

*   **zh**: Chinese (default)
*   **en**: English', example='zh'),
  natGatewayId?: string(name='NatGatewayId', description='The ID of the NAT gateway.

This parameter is required.', example='ngw-xxxxxx'),
  newOrder?: int32(name='NewOrder', description='The new priority of the IPv4 access control policy. You must specify a numeric value for this parameter. The value 1 indicates the highest priority. A larger value indicates a lower priority.

> Make sure that the value of this parameter is within the priority range of existing IPv4 access control policies. Otherwise, an error occurs when you call this operation.

Before you call this operation, we recommend that you call the DescribeNatFirewallPolicyPriorUsed operation to query the priority range of the IPv4 access control policies in the specified traffic direction.

This parameter is required.', example='5'),
}

model ModifyNatFirewallControlPolicyPositionResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='60617208-F5F7-5B44-BB1E-3AC1B6FCD627'),
}

model ModifyNatFirewallControlPolicyPositionResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ModifyNatFirewallControlPolicyPositionResponseBody(name='body'),
}

/**
 * @summary Modifies the priority of an access control policy that is created for a NAT firewall.
 *
 * @param request ModifyNatFirewallControlPolicyPositionRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ModifyNatFirewallControlPolicyPositionResponse
 */
async function modifyNatFirewallControlPolicyPositionWithOptions(request: ModifyNatFirewallControlPolicyPositionRequest, runtime: Util.RuntimeOptions): ModifyNatFirewallControlPolicyPositionResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.aclUuid)) {
    query['AclUuid'] = request.aclUuid;
  }
  if (!Util.isUnset(request.direction)) {
    query['Direction'] = request.direction;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.natGatewayId)) {
    query['NatGatewayId'] = request.natGatewayId;
  }
  if (!Util.isUnset(request.newOrder)) {
    query['NewOrder'] = request.newOrder;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ModifyNatFirewallControlPolicyPosition',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Modifies the priority of an access control policy that is created for a NAT firewall.
 *
 * @param request ModifyNatFirewallControlPolicyPositionRequest
 * @return ModifyNatFirewallControlPolicyPositionResponse
 */
async function modifyNatFirewallControlPolicyPosition(request: ModifyNatFirewallControlPolicyPositionRequest): ModifyNatFirewallControlPolicyPositionResponse {
  var runtime = new Util.RuntimeOptions{};
  return modifyNatFirewallControlPolicyPositionWithOptions(request, runtime);
}

model ModifyObjectGroupOperationRequest {
  comment?: string(name='Comment', description='The remarks of the operation.', example='test'),
  direction?: string(name='Direction', description='The direction of the traffic to which the access control policy applies.

Valid values:

*   **in**: inbound.
*   **out**: outbound.

This parameter is required.', example='out'),
  lang?: string(name='Lang', description='The language of the content within the response. Valid values:

*   **zh** (default)
*   **en**', example='zh'),
  objectList?: [ string ](name='ObjectList', description='The operation objects.

This parameter is required.'),
  objectOperation?: string(name='ObjectOperation', description='The operation. Valid values:

*   **ignore**: adds the operation object to the whitelist.
*   **cancelIgnore**: removes the operation object from the whitelist.
*   **subscribe**: follows the operation object.
*   **unsubscribe**: unfollows the operation object.

This parameter is required.', example='ignore'),
  objectType?: string(name='ObjectType', description='The type of the operation object.

Valid values:

*   **assetsIp**: the asset IP address.
*   **destinationIp**: the destination IP address.
*   **destinationPort**: the destination port.
*   **destinationDomain**: the destination domain name.

This parameter is required.', example='destinationDomain'),
  sourceIp?: string(name='SourceIp', description='The source IP address of the request.', example='123.xxx.251.60'),
}

model ModifyObjectGroupOperationResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='CB32593D************775F41D6ED84'),
}

model ModifyObjectGroupOperationResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ModifyObjectGroupOperationResponseBody(name='body'),
}

/**
 * @summary Modifies information about an operation on an object group.
 *
 * @param request ModifyObjectGroupOperationRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ModifyObjectGroupOperationResponse
 */
async function modifyObjectGroupOperationWithOptions(request: ModifyObjectGroupOperationRequest, runtime: Util.RuntimeOptions): ModifyObjectGroupOperationResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.comment)) {
    query['Comment'] = request.comment;
  }
  if (!Util.isUnset(request.direction)) {
    query['Direction'] = request.direction;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.objectList)) {
    query['ObjectList'] = request.objectList;
  }
  if (!Util.isUnset(request.objectOperation)) {
    query['ObjectOperation'] = request.objectOperation;
  }
  if (!Util.isUnset(request.objectType)) {
    query['ObjectType'] = request.objectType;
  }
  if (!Util.isUnset(request.sourceIp)) {
    query['SourceIp'] = request.sourceIp;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ModifyObjectGroupOperation',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Modifies information about an operation on an object group.
 *
 * @param request ModifyObjectGroupOperationRequest
 * @return ModifyObjectGroupOperationResponse
 */
async function modifyObjectGroupOperation(request: ModifyObjectGroupOperationRequest): ModifyObjectGroupOperationResponse {
  var runtime = new Util.RuntimeOptions{};
  return modifyObjectGroupOperationWithOptions(request, runtime);
}

model ModifyPolicyAdvancedConfigRequest {
  eips?: [ string ](name='Eips'),
  internetSwitch?: string(name='InternetSwitch', description='Specifies whether to enable the strict mode for the access control policy. Valid values:

*   **on**: enables the strict mode.
*   **off**: disables the strict mode.

This parameter is required.', example='off'),
  lang?: string(name='Lang', description='The natural language of the request and response. Valid values:

*   **zh**: Chinese (default)
*   **en**: English', example='zh'),
  sourceIp?: string(name='SourceIp', description='The source IP address of the request.', example='192.0.XX.XX', deprecated=true),
}

model ModifyPolicyAdvancedConfigResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='B2841452-CB8D-4F7D-B247-38E1CF7334F8'),
}

model ModifyPolicyAdvancedConfigResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ModifyPolicyAdvancedConfigResponseBody(name='body'),
}

/**
 * @summary Enables or disables the strict mode for an access control policy.
 *
 * @description You can call the ModifyPolicyAdvancedConfig operation to enable or disable the strict mode for an access control policy.  
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request ModifyPolicyAdvancedConfigRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ModifyPolicyAdvancedConfigResponse
 */
async function modifyPolicyAdvancedConfigWithOptions(request: ModifyPolicyAdvancedConfigRequest, runtime: Util.RuntimeOptions): ModifyPolicyAdvancedConfigResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.eips)) {
    query['Eips'] = request.eips;
  }
  if (!Util.isUnset(request.internetSwitch)) {
    query['InternetSwitch'] = request.internetSwitch;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.sourceIp)) {
    query['SourceIp'] = request.sourceIp;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ModifyPolicyAdvancedConfig',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Enables or disables the strict mode for an access control policy.
 *
 * @description You can call the ModifyPolicyAdvancedConfig operation to enable or disable the strict mode for an access control policy.  
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request ModifyPolicyAdvancedConfigRequest
 * @return ModifyPolicyAdvancedConfigResponse
 */
async function modifyPolicyAdvancedConfig(request: ModifyPolicyAdvancedConfigRequest): ModifyPolicyAdvancedConfigResponse {
  var runtime = new Util.RuntimeOptions{};
  return modifyPolicyAdvancedConfigWithOptions(request, runtime);
}

model ModifyTrFirewallV2ConfigurationRequest {
  firewallId?: string(name='FirewallId', description='The instance ID of the VPC firewall.', example='vfw-tr-bcdf89d405ce4bd2****'),
  firewallName?: string(name='FirewallName', description='The instance name of the VPC firewall.', example='Test instance'),
  lang?: string(name='Lang', description='The language of the content within the response. Valid values:

*   **zh** (default): Chinese
*   **en**: English', example='zh'),
}

model ModifyTrFirewallV2ConfigurationResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='A74C8FDD-2BEF-52D5-8B01-EB6FD94606F9'),
}

model ModifyTrFirewallV2ConfigurationResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ModifyTrFirewallV2ConfigurationResponseBody(name='body'),
}

/**
 * @summary Modifies the configuration of a virtual private cloud (VPC) firewall that is created for a transit router.
 *
 * @param request ModifyTrFirewallV2ConfigurationRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ModifyTrFirewallV2ConfigurationResponse
 */
async function modifyTrFirewallV2ConfigurationWithOptions(request: ModifyTrFirewallV2ConfigurationRequest, runtime: Util.RuntimeOptions): ModifyTrFirewallV2ConfigurationResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.firewallId)) {
    query['FirewallId'] = request.firewallId;
  }
  if (!Util.isUnset(request.firewallName)) {
    query['FirewallName'] = request.firewallName;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ModifyTrFirewallV2Configuration',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Modifies the configuration of a virtual private cloud (VPC) firewall that is created for a transit router.
 *
 * @param request ModifyTrFirewallV2ConfigurationRequest
 * @return ModifyTrFirewallV2ConfigurationResponse
 */
async function modifyTrFirewallV2Configuration(request: ModifyTrFirewallV2ConfigurationRequest): ModifyTrFirewallV2ConfigurationResponse {
  var runtime = new Util.RuntimeOptions{};
  return modifyTrFirewallV2ConfigurationWithOptions(request, runtime);
}

model ModifyTrFirewallV2RoutePolicyScopeRequest {
  destCandidateList?: [ 
    {
      candidateId?: string(name='CandidateId', description='The ID of the traffic redirection instance.', example='vpc-2ze9epancaw8t4shajuzi'),
      candidateType?: string(name='CandidateType', description='The type of the traffic redirection instance.', example='VPC'),
    }
  ](name='DestCandidateList', description='The secondary traffic redirection instances.'),
  firewallId?: string(name='FirewallId', description='The instance ID of the virtual private cloud (VPC) firewall.

This parameter is required.', example='vfw-tr-6520de0253bc4669bbd9'),
  lang?: string(name='Lang', description='The language of the content within the response. Valid values:

*  **zh** (default): Chinese
*  **en**: English', example='zh'),
  shouldRecover?: string(name='ShouldRecover', description='Specifies whether to restore the traffic redirection configurations. Valid values:

*   true: roll back
*   false: withdraw', example='false'),
  srcCandidateList?: [ 
    {
      candidateId?: string(name='CandidateId', description='The ID of the traffic redirection instance.', example='vpc-2ze9epancaw8t4shajuzi'),
      candidateType?: string(name='CandidateType', description='The type of the traffic redirection instance.', example='VPC'),
    }
  ](name='SrcCandidateList', description='The primary traffic redirection instances.'),
  trFirewallRoutePolicyId?: string(name='TrFirewallRoutePolicyId', description='The ID of the routing policy.

This parameter is required.', example='policy-4d724d0139df48f18091'),
}

model ModifyTrFirewallV2RoutePolicyScopeShrinkRequest {
  destCandidateListShrink?: string(name='DestCandidateList', description='The secondary traffic redirection instances.'),
  firewallId?: string(name='FirewallId', description='The instance ID of the virtual private cloud (VPC) firewall.

This parameter is required.', example='vfw-tr-6520de0253bc4669bbd9'),
  lang?: string(name='Lang', description='The language of the content within the response. Valid values:

*  **zh** (default): Chinese
*  **en**: English', example='zh'),
  shouldRecover?: string(name='ShouldRecover', description='Specifies whether to restore the traffic redirection configurations. Valid values:

*   true: roll back
*   false: withdraw', example='false'),
  srcCandidateListShrink?: string(name='SrcCandidateList', description='The primary traffic redirection instances.'),
  trFirewallRoutePolicyId?: string(name='TrFirewallRoutePolicyId', description='The ID of the routing policy.

This parameter is required.', example='policy-4d724d0139df48f18091'),
}

model ModifyTrFirewallV2RoutePolicyScopeResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='E7D4D635-0C70-5CEB-A609-851E94D51FBB'),
  trFirewallRoutePolicyId?: string(name='TrFirewallRoutePolicyId', description='The ID of the routing policy.', example='policy-4d724d0139df48f18091'),
}

model ModifyTrFirewallV2RoutePolicyScopeResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ModifyTrFirewallV2RoutePolicyScopeResponseBody(name='body'),
}

/**
 * @summary Modifies the effective scope of the routing policy created for the VPC firewall for a transit router.
 *
 * @param tmpReq ModifyTrFirewallV2RoutePolicyScopeRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ModifyTrFirewallV2RoutePolicyScopeResponse
 */
async function modifyTrFirewallV2RoutePolicyScopeWithOptions(tmpReq: ModifyTrFirewallV2RoutePolicyScopeRequest, runtime: Util.RuntimeOptions): ModifyTrFirewallV2RoutePolicyScopeResponse {
  Util.validateModel(tmpReq);
  var request = new ModifyTrFirewallV2RoutePolicyScopeShrinkRequest{};
  OpenApiUtil.convert(tmpReq, request);
  if (!Util.isUnset(tmpReq.destCandidateList)) {
    request.destCandidateListShrink = OpenApiUtil.arrayToStringWithSpecifiedStyle(tmpReq.destCandidateList, 'DestCandidateList', 'json');
  }
  if (!Util.isUnset(tmpReq.srcCandidateList)) {
    request.srcCandidateListShrink = OpenApiUtil.arrayToStringWithSpecifiedStyle(tmpReq.srcCandidateList, 'SrcCandidateList', 'json');
  }
  var query = {};
  if (!Util.isUnset(request.destCandidateListShrink)) {
    query['DestCandidateList'] = request.destCandidateListShrink;
  }
  if (!Util.isUnset(request.firewallId)) {
    query['FirewallId'] = request.firewallId;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.shouldRecover)) {
    query['ShouldRecover'] = request.shouldRecover;
  }
  if (!Util.isUnset(request.srcCandidateListShrink)) {
    query['SrcCandidateList'] = request.srcCandidateListShrink;
  }
  if (!Util.isUnset(request.trFirewallRoutePolicyId)) {
    query['TrFirewallRoutePolicyId'] = request.trFirewallRoutePolicyId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ModifyTrFirewallV2RoutePolicyScope',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Modifies the effective scope of the routing policy created for the VPC firewall for a transit router.
 *
 * @param request ModifyTrFirewallV2RoutePolicyScopeRequest
 * @return ModifyTrFirewallV2RoutePolicyScopeResponse
 */
async function modifyTrFirewallV2RoutePolicyScope(request: ModifyTrFirewallV2RoutePolicyScopeRequest): ModifyTrFirewallV2RoutePolicyScopeResponse {
  var runtime = new Util.RuntimeOptions{};
  return modifyTrFirewallV2RoutePolicyScopeWithOptions(request, runtime);
}

model ModifyUserIPSWhitelistRequest {
  direction?: long(name='Direction'),
  ipVersion?: string(name='IpVersion'),
  lang?: string(name='Lang'),
  listType?: long(name='ListType'),
  listValue?: string(name='ListValue'),
  sourceIp?: string(name='SourceIp'),
  whiteType?: long(name='WhiteType'),
}

model ModifyUserIPSWhitelistResponseBody = {
  requestId?: string(name='RequestId'),
}

model ModifyUserIPSWhitelistResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ModifyUserIPSWhitelistResponseBody(name='body'),
}

/**
 * @summary 修改用户IPS白名单
 *
 * @param request ModifyUserIPSWhitelistRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ModifyUserIPSWhitelistResponse
 */
async function modifyUserIPSWhitelistWithOptions(request: ModifyUserIPSWhitelistRequest, runtime: Util.RuntimeOptions): ModifyUserIPSWhitelistResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.direction)) {
    query['Direction'] = request.direction;
  }
  if (!Util.isUnset(request.ipVersion)) {
    query['IpVersion'] = request.ipVersion;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.listType)) {
    query['ListType'] = request.listType;
  }
  if (!Util.isUnset(request.listValue)) {
    query['ListValue'] = request.listValue;
  }
  if (!Util.isUnset(request.sourceIp)) {
    query['SourceIp'] = request.sourceIp;
  }
  if (!Util.isUnset(request.whiteType)) {
    query['WhiteType'] = request.whiteType;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ModifyUserIPSWhitelist',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary 修改用户IPS白名单
 *
 * @param request ModifyUserIPSWhitelistRequest
 * @return ModifyUserIPSWhitelistResponse
 */
async function modifyUserIPSWhitelist(request: ModifyUserIPSWhitelistRequest): ModifyUserIPSWhitelistResponse {
  var runtime = new Util.RuntimeOptions{};
  return modifyUserIPSWhitelistWithOptions(request, runtime);
}

model ModifyVpcFirewallCenConfigureRequest {
  lang?: string(name='Lang', description='The language of the content within the request and response. Valid values:

*   **zh**: Chinese (default)
*   **en**: English', example='zh'),
  memberUid?: string(name='MemberUid', description='The UID of the member that is managed by your Alibaba Cloud account.', example='258039427902****'),
  vpcFirewallId?: string(name='VpcFirewallId', description='The instance ID of the VPC firewall.

> You can call the [DescribeVpcFirewallCenList](https://help.aliyun.com/document_detail/345777.html) operation to query the instance IDs of VPC firewalls.

This parameter is required.', example='vfw-m5e7dbc4y****'),
  vpcFirewallName?: string(name='VpcFirewallName', description='The instance name of the VPC firewall.

This parameter is required.', example='Test instance'),
}

model ModifyVpcFirewallCenConfigureResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='850A84D6-0DE4-4797-A1E8-00090125k6f8'),
}

model ModifyVpcFirewallCenConfigureResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ModifyVpcFirewallCenConfigureResponseBody(name='body'),
}

/**
 * @summary Modifies the configurations of a virtual private cloud (VPC) firewall. The VPC firewall protects mutual access traffic between a VPC and a specified network instance that is attached to a Cloud Enterprise Network (CEN) instance.
 *
 * @description You can call the ModifyVpcFirewallCenConfigure operation to modify the configurations of a VPC firewall. The VPC firewall protects mutual access traffic between a VPC and a specified network instance that is attached to a CEN instance. The network instance can be a VPC, a virtual border router (VBR), or a Cloud Connect Network (CCN) instance. Before you call this operation, make sure that you have created a VPC firewall by calling the [CreateVpcFirewallCenConfigure](https://help.aliyun.com/document_detail/345772.html) operation.
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request ModifyVpcFirewallCenConfigureRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ModifyVpcFirewallCenConfigureResponse
 */
async function modifyVpcFirewallCenConfigureWithOptions(request: ModifyVpcFirewallCenConfigureRequest, runtime: Util.RuntimeOptions): ModifyVpcFirewallCenConfigureResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.memberUid)) {
    query['MemberUid'] = request.memberUid;
  }
  if (!Util.isUnset(request.vpcFirewallId)) {
    query['VpcFirewallId'] = request.vpcFirewallId;
  }
  if (!Util.isUnset(request.vpcFirewallName)) {
    query['VpcFirewallName'] = request.vpcFirewallName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ModifyVpcFirewallCenConfigure',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Modifies the configurations of a virtual private cloud (VPC) firewall. The VPC firewall protects mutual access traffic between a VPC and a specified network instance that is attached to a Cloud Enterprise Network (CEN) instance.
 *
 * @description You can call the ModifyVpcFirewallCenConfigure operation to modify the configurations of a VPC firewall. The VPC firewall protects mutual access traffic between a VPC and a specified network instance that is attached to a CEN instance. The network instance can be a VPC, a virtual border router (VBR), or a Cloud Connect Network (CCN) instance. Before you call this operation, make sure that you have created a VPC firewall by calling the [CreateVpcFirewallCenConfigure](https://help.aliyun.com/document_detail/345772.html) operation.
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request ModifyVpcFirewallCenConfigureRequest
 * @return ModifyVpcFirewallCenConfigureResponse
 */
async function modifyVpcFirewallCenConfigure(request: ModifyVpcFirewallCenConfigureRequest): ModifyVpcFirewallCenConfigureResponse {
  var runtime = new Util.RuntimeOptions{};
  return modifyVpcFirewallCenConfigureWithOptions(request, runtime);
}

model ModifyVpcFirewallCenSwitchStatusRequest {
  firewallSwitch?: string(name='FirewallSwitch', description='Specifies whether to enable the VPC firewall. Valid values:

*   **open**: yes
*   **close**: no

This parameter is required.', example='open'),
  lang?: string(name='Lang', description='The language of the content within the request and response. Valid values:

*   **zh**: Chinese (default)
*   **en**: English', example='zh'),
  memberUid?: string(name='MemberUid', description='The UID of the member that is managed by your Alibaba Cloud account.', example='258039427902****'),
  vpcFirewallId?: string(name='VpcFirewallId', description='The instance ID of the VPC firewall.

> You can call the [DescribeVpcFirewallCenList](https://help.aliyun.com/document_detail/345777.html) operation to query the instance IDs of VPC firewalls.

This parameter is required.', example='vfw-m5e7dbc4y****'),
}

model ModifyVpcFirewallCenSwitchStatusResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='850A84D6-0DE4-4797-A1E8-00090125afj2'),
}

model ModifyVpcFirewallCenSwitchStatusResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ModifyVpcFirewallCenSwitchStatusResponseBody(name='body'),
}

/**
 * @summary Enables or disables a virtual private cloud (VPC) firewall. The VPC firewall protects mutual access traffic between a VPC and a specified network instance that is attached to a Cloud Enterprise Network (CEN) instance.
 *
 * @description You can call the ModifyVpcFirewallCenSwitchStatus operation to enable or disable a VPC firewall. A VPC firewall protects mutual access traffic between a specified VPC and a network instance that is attached to a CEN instance. The network instance can be a VPC, a virtual border router (VBR), or a Cloud Connect Network (CCN) instance. After you enable the VPC firewall, the VPC firewall protects mutual access traffic between a VPC and a specified network instance that is attached to a CEN instance. After you disable the VPC firewall, the VPC firewall no longer protects mutual access traffic between a VPC and a specified network instance that is attached to a CEN instance.
 * Before you call this operation, make sure that you have created a VPC firewall by calling the [CreateVpcFirewallCenConfigure](https://help.aliyun.com/document_detail/345772.html) operation.
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request ModifyVpcFirewallCenSwitchStatusRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ModifyVpcFirewallCenSwitchStatusResponse
 */
async function modifyVpcFirewallCenSwitchStatusWithOptions(request: ModifyVpcFirewallCenSwitchStatusRequest, runtime: Util.RuntimeOptions): ModifyVpcFirewallCenSwitchStatusResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.firewallSwitch)) {
    query['FirewallSwitch'] = request.firewallSwitch;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.memberUid)) {
    query['MemberUid'] = request.memberUid;
  }
  if (!Util.isUnset(request.vpcFirewallId)) {
    query['VpcFirewallId'] = request.vpcFirewallId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ModifyVpcFirewallCenSwitchStatus',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Enables or disables a virtual private cloud (VPC) firewall. The VPC firewall protects mutual access traffic between a VPC and a specified network instance that is attached to a Cloud Enterprise Network (CEN) instance.
 *
 * @description You can call the ModifyVpcFirewallCenSwitchStatus operation to enable or disable a VPC firewall. A VPC firewall protects mutual access traffic between a specified VPC and a network instance that is attached to a CEN instance. The network instance can be a VPC, a virtual border router (VBR), or a Cloud Connect Network (CCN) instance. After you enable the VPC firewall, the VPC firewall protects mutual access traffic between a VPC and a specified network instance that is attached to a CEN instance. After you disable the VPC firewall, the VPC firewall no longer protects mutual access traffic between a VPC and a specified network instance that is attached to a CEN instance.
 * Before you call this operation, make sure that you have created a VPC firewall by calling the [CreateVpcFirewallCenConfigure](https://help.aliyun.com/document_detail/345772.html) operation.
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request ModifyVpcFirewallCenSwitchStatusRequest
 * @return ModifyVpcFirewallCenSwitchStatusResponse
 */
async function modifyVpcFirewallCenSwitchStatus(request: ModifyVpcFirewallCenSwitchStatusRequest): ModifyVpcFirewallCenSwitchStatusResponse {
  var runtime = new Util.RuntimeOptions{};
  return modifyVpcFirewallCenSwitchStatusWithOptions(request, runtime);
}

model ModifyVpcFirewallConfigureRequest {
  lang?: string(name='Lang', description='The language of the content within the request and response. Valid values:

*   **zh**: Chinese (default)
*   **en**: English', example='zh'),
  localVpcCidrTableList?: string(name='LocalVpcCidrTableList', description='The CIDR blocks of the local VPC. The value is a JSON string that contains the following parameters:

*   **RouteTableId**: the ID of the route table for the local VPC.
*   **RouteEntryList**: The value is a JSON string that contains the DestinationCidr and NextHopInstanceId parameters. The DestinationCidr parameter indicates the destination CIDR block of the local VPC. The NextHopInstanceId parameter indicates the instance ID of the next hop for the local VPC.

> You can call the [DescribeVpcFirewallDetail](https://help.aliyun.com/document_detail/342892.html) operation to query the CIDR blocks of local VPCs for VPC firewalls.

This parameter is required.', example='[{"RouteTableId":"vtb-1234","RouteEntryList":[{"DestinationCidr":"192.168.XX.XX/24","NextHopInstanceId":"vrt-m5eb5me6c3l5sezae****"}]},{"RouteTableId":"vtb-1235","RouteEntryList":[{"DestinationCidr":"192.168.XX.XX/24","NextHopInstanceId":"vrt-m5eb5me6c3l5sezae****"}]}]'),
  memberUid?: string(name='MemberUid', description='The UID of the member that is managed by your Alibaba Cloud account.', example='258039427902****'),
  peerVpcCidrTableList?: string(name='PeerVpcCidrTableList', description='The CIDR blocks of the peer VPC. The value is a JSON string that contains the following parameters:

*   **RouteTableId**: the ID of the route table for the peer VPC.
*   **RouteEntryList**: The value is a JSON string that contains the DestinationCidr and NextHopInstanceId parameters. The DestinationCidr parameter indicates the destination CIDR block of the peer VPC. The NextHopInstanceId parameter indicates the instance ID of the next hop for the peer VPC.

> You can call the [DescribeVpcFirewallDetail](https://help.aliyun.com/document_detail/342892.html) operation to query the CIDR blocks of peer VPCs for VPC firewalls.

This parameter is required.', example='[{"RouteTableId":"vtb-1234","RouteEntryList":[{"DestinationCidr":"192.168.XX.XX/24","NextHopInstanceId":"vrt-m5eb5me6c3l5sezae****"}]},{"RouteTableId":"vtb-1235","RouteEntryList":[{"DestinationCidr":"192.168.XX.XX/24","NextHopInstanceId":"vrt-m5eb5me6c3l5sezae****"}]}]'),
  vpcFirewallId?: string(name='VpcFirewallId', description='The instance ID of the VPC firewall.

> You can call the [DescribeVpcFirewallList](https://help.aliyun.com/document_detail/342932.html) operation to query the instance IDs of VPC firewalls.

This parameter is required.', example='vfw-m5e7dbc4y****'),
  vpcFirewallName?: string(name='VpcFirewallName', description='The instance name of the VPC firewall.

This parameter is required.', example='Test firewall'),
}

model ModifyVpcFirewallConfigureResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='850A84D6-0DE4-4797-A1E8-00090125k6f8'),
}

model ModifyVpcFirewallConfigureResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ModifyVpcFirewallConfigureResponseBody(name='body'),
}

/**
 * @summary Modifies the configurations of a virtual private cloud (VPC) firewall. The VPC firewall controls traffic between two VPCs that are connected by using an Express Connect circuit.
 *
 * @description You can call the ModifyVpcFirewallConfigure operation to modify the configurations of a VPC firewall. The VPC firewall controls traffic between two VPCs that are connected by using an Express Connect circuit. Before you call the operation, make sure that you created a VPC firewall by calling the [CreateVpcFirewallConfigure](https://help.aliyun.com/document_detail/342893.html) operation.
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request ModifyVpcFirewallConfigureRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ModifyVpcFirewallConfigureResponse
 */
async function modifyVpcFirewallConfigureWithOptions(request: ModifyVpcFirewallConfigureRequest, runtime: Util.RuntimeOptions): ModifyVpcFirewallConfigureResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.localVpcCidrTableList)) {
    query['LocalVpcCidrTableList'] = request.localVpcCidrTableList;
  }
  if (!Util.isUnset(request.memberUid)) {
    query['MemberUid'] = request.memberUid;
  }
  if (!Util.isUnset(request.peerVpcCidrTableList)) {
    query['PeerVpcCidrTableList'] = request.peerVpcCidrTableList;
  }
  if (!Util.isUnset(request.vpcFirewallId)) {
    query['VpcFirewallId'] = request.vpcFirewallId;
  }
  if (!Util.isUnset(request.vpcFirewallName)) {
    query['VpcFirewallName'] = request.vpcFirewallName;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ModifyVpcFirewallConfigure',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Modifies the configurations of a virtual private cloud (VPC) firewall. The VPC firewall controls traffic between two VPCs that are connected by using an Express Connect circuit.
 *
 * @description You can call the ModifyVpcFirewallConfigure operation to modify the configurations of a VPC firewall. The VPC firewall controls traffic between two VPCs that are connected by using an Express Connect circuit. Before you call the operation, make sure that you created a VPC firewall by calling the [CreateVpcFirewallConfigure](https://help.aliyun.com/document_detail/342893.html) operation.
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request ModifyVpcFirewallConfigureRequest
 * @return ModifyVpcFirewallConfigureResponse
 */
async function modifyVpcFirewallConfigure(request: ModifyVpcFirewallConfigureRequest): ModifyVpcFirewallConfigureResponse {
  var runtime = new Util.RuntimeOptions{};
  return modifyVpcFirewallConfigureWithOptions(request, runtime);
}

model ModifyVpcFirewallControlPolicyRequest {
  aclAction?: string(name='AclAction', description='The action that Cloud Firewall performs on the traffic.

Valid values:

*   **accept**: allows the traffic.
*   **drop**: blocks the traffic.
*   **log**: monitors the traffic.', example='accept'),
  aclUuid?: string(name='AclUuid', description='The unique ID of the access control policy.

If you want to modify the configurations of an access control policy, you must provide the unique ID of the policy. You can call the [DescribeVpcFirewallControlPolicy](https://help.aliyun.com/document_detail/159758.html) operation to query the ID.

This parameter is required.', example='00281255-d220-4db1-8f4f-c4df221a****'),
  applicationName?: string(name='ApplicationName', description='The type of the application that the access control policy supports.

Valid values:

*   ANY: all application types
*   FTP
*   HTTP
*   HTTPS
*   MySQL
*   SMTP
*   SMTPS
*   RDP
*   VNC
*   SSH
*   Redis
*   MQTT
*   MongoDB
*   Memcache
*   SSL', example='HTTP', deprecated=true),
  applicationNameList?: [ string ](name='ApplicationNameList', description='The application names.'),
  description?: string(name='Description', description='The description of the access control policy.', example='test'),
  destPort?: string(name='DestPort', description='The destination port in the access control policy.', example='80'),
  destPortGroup?: string(name='DestPortGroup', description='The name of the destination port address book in the access control policy.', example='my_port_group'),
  destPortType?: string(name='DestPortType', description='The type of the destination port in the access control policy.

*   **port**: port
*   **group**: port address book', example='port'),
  destination?: string(name='Destination', description='The destination address in the access control policy.

*   If **DestinationType** is set to `net`, the value of this parameter must be a CIDR block.

    Example: 10.2.3.0/24

*   If **DestinationType** is set to `group`, the value of this parameter must be an address book name.

    Example: db_group

*   If **DestinationType** is set to `domain`, the value of this parameter must be a domain name.

    Example: \\\\*.aliyuncs.com', example='10.2.X.X/XX'),
  destinationType?: string(name='DestinationType', description='The type of the destination address in the access control policy.

Valid values:

*   **net**: CIDR block
*   **group**: address book
*   **domain**: domain name', example='net'),
  domainResolveType?: string(name='DomainResolveType', description='The domain name resolution method of the access control policy. By default, an access control policy is enabled after the policy is created. Valid values:

* **FQDN**: fully qualified domain name (FQDN)-based resolution
* **DNS**: DNS-based dynamic resolution
* **FQDN_AND_DNS**: FQDN and DNS-based dynamic resolution', example='FQDN'),
  endTime?: long(name='EndTime', description='The time when the access control policy stops taking effect. The value is a UNIX timestamp. Unit: seconds. The value must be on the hour or on the half hour, and at least 30 minutes later than the value of StartTime.

>  If you set RepeatType to Permanent, leave this parameter empty. If you set RepeatType to None, Daily, Weekly, or Monthly, you must specify this parameter.', example='1694764800'),
  lang?: string(name='Lang', description='The language of the content within the response.

Valid values:

*   **zh**: Chinese (default)
*   **en**: English', example='zh'),
  proto?: string(name='Proto', description='The protocol type in the access control policy.

Valid values:

*   ANY: all protocol types
*   TCP
*   UDP
*   ICMP', example='TCP'),
  release?: string(name='Release', description='Specifies whether to enable the access control policy. By default, an access control policy is enabled after the policy is created. Valid values:

*   **true**: enables the access control policy.
*   **false**: disables the access control policy.', example='true'),
  repeatDays?: [ long ](name='RepeatDays', description='The days of a week or of a month on which the access control policy takes effect.

*   If you set RepeatType to `Permanent`, `None`, or `Daily`, the value of this parameter is an empty array. Example: [].
*   If you set RepeatType to Weekly, you must specify this parameter. Example: [0, 6].

>  If you set RepeatType to Weekly, the fields in the value of this parameter cannot be repeated.

*   If you set RepeatType to `Monthly`, you must specify this parameter. Example: [1, 31].

>  If you set RepeatType to Monthly, the fields in the value of this parameter cannot be repeated.'),
  repeatEndTime?: string(name='RepeatEndTime', description='The point in time when the recurrence ends. Example: 23:30. The value must be on the hour or on the half hour, and at least 30 minutes later than the value of RepeatStartTime.

>  If you set RepeatType to Permanent or None, leave this parameter empty. If you set RepeatType to Daily, Weekly, or Monthly, you must specify this parameter.', example='23:30'),
  repeatStartTime?: string(name='RepeatStartTime', description='The point in time when the recurrence starts. Example: 08:00. The value must be on the hour or on the half hour, and at least 30 minutes earlier than the value of RepeatEndTime.

>  If you set RepeatType to Permanent or None, leave this parameter empty. If you set RepeatType to Daily, Weekly, or Monthly, you must specify this parameter.', example='08:00'),
  repeatType?: string(name='RepeatType', description='The recurrence type for the access control policy to take effect. Valid values:

*   **Permanent** (default): The policy always takes effect.
*   **None**: The policy takes effect for only once.
*   **Daily**: The policy takes effect on a daily basis.
*   **Weekly**: The policy takes effect on a weekly basis.
*   **Monthly**: The policy takes effect on a monthly basis.', example='Permanent'),
  source?: string(name='Source', description='The source address in the access control policy.

Valid values:

*   If **SourceType** is set to `net`, the value of this parameter must be a CIDR block.

    Example: 10.2.4.0/24

*   If **SourceType** is set to `group`, the value of this parameter must be an address book name.

    Example: db_group', example='10.2.X.X/XX'),
  sourceType?: string(name='SourceType', description='The type of the source address in the access control policy.

Valid values:

*   **net**: CIDR block
*   **group**: address book', example='net'),
  startTime?: long(name='StartTime', description='The time when the access control policy starts to take effect. The value is a UNIX timestamp. Unit: seconds. The value must be on the hour or on the half hour, and at least 30 minutes earlier than the value of EndTime.

>  If you set RepeatType to Permanent, leave this parameter empty. If you set RepeatType to None, Daily, Weekly, or Monthly, you must specify this parameter.', example='1694761200'),
  vpcFirewallId?: string(name='VpcFirewallId', description='The instance ID of the VPC firewall. You can call the [DescribeVpcFirewallAclGroupList](https://help.aliyun.com/document_detail/159760.html) operation to query the ID.

*   If the VPC firewall is used to protect a CEN instance, the value of this parameter must be the ID of the CEN instance.

    Example: cen-ervw0g12b5jbw\\\\*\\\\*\\\\*\\\\*

*   If the VPC firewall is used to protect an Express Connect circuit, the value of this parameter must be the instance ID of the VPC firewall.

    Example: vfw-a42bbb7b887148c9\\\\*\\\\*\\\\*\\\\*

This parameter is required.', example='vfw-a42bbb7b887148c9****'),
}

model ModifyVpcFirewallControlPolicyResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='CBF1E9B7-D6A0-4E9E-AD3E-2B47E6C2837D'),
}

model ModifyVpcFirewallControlPolicyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ModifyVpcFirewallControlPolicyResponseBody(name='body'),
}

/**
 * @summary Modifies the configurations of an access control policy that is created for a virtual private cloud (VPC) firewall in a specified policy group.
 *
 * @description You can call the ModifyVpcFirewallControlPolicy operation to modify the configurations of an access control policy that is created for a VPC firewall in a specified policy group. Different access control policies are used for the VPC firewalls that are used to protect each Cloud Enterprise Network (CEN) instance and the VPC firewalls that are used to protect each Express Connect circuit.
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request ModifyVpcFirewallControlPolicyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ModifyVpcFirewallControlPolicyResponse
 */
async function modifyVpcFirewallControlPolicyWithOptions(request: ModifyVpcFirewallControlPolicyRequest, runtime: Util.RuntimeOptions): ModifyVpcFirewallControlPolicyResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.aclAction)) {
    query['AclAction'] = request.aclAction;
  }
  if (!Util.isUnset(request.aclUuid)) {
    query['AclUuid'] = request.aclUuid;
  }
  if (!Util.isUnset(request.applicationName)) {
    query['ApplicationName'] = request.applicationName;
  }
  if (!Util.isUnset(request.applicationNameList)) {
    query['ApplicationNameList'] = request.applicationNameList;
  }
  if (!Util.isUnset(request.description)) {
    query['Description'] = request.description;
  }
  if (!Util.isUnset(request.destPort)) {
    query['DestPort'] = request.destPort;
  }
  if (!Util.isUnset(request.destPortGroup)) {
    query['DestPortGroup'] = request.destPortGroup;
  }
  if (!Util.isUnset(request.destPortType)) {
    query['DestPortType'] = request.destPortType;
  }
  if (!Util.isUnset(request.destination)) {
    query['Destination'] = request.destination;
  }
  if (!Util.isUnset(request.destinationType)) {
    query['DestinationType'] = request.destinationType;
  }
  if (!Util.isUnset(request.domainResolveType)) {
    query['DomainResolveType'] = request.domainResolveType;
  }
  if (!Util.isUnset(request.endTime)) {
    query['EndTime'] = request.endTime;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.proto)) {
    query['Proto'] = request.proto;
  }
  if (!Util.isUnset(request.release)) {
    query['Release'] = request.release;
  }
  if (!Util.isUnset(request.repeatDays)) {
    query['RepeatDays'] = request.repeatDays;
  }
  if (!Util.isUnset(request.repeatEndTime)) {
    query['RepeatEndTime'] = request.repeatEndTime;
  }
  if (!Util.isUnset(request.repeatStartTime)) {
    query['RepeatStartTime'] = request.repeatStartTime;
  }
  if (!Util.isUnset(request.repeatType)) {
    query['RepeatType'] = request.repeatType;
  }
  if (!Util.isUnset(request.source)) {
    query['Source'] = request.source;
  }
  if (!Util.isUnset(request.sourceType)) {
    query['SourceType'] = request.sourceType;
  }
  if (!Util.isUnset(request.startTime)) {
    query['StartTime'] = request.startTime;
  }
  if (!Util.isUnset(request.vpcFirewallId)) {
    query['VpcFirewallId'] = request.vpcFirewallId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ModifyVpcFirewallControlPolicy',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Modifies the configurations of an access control policy that is created for a virtual private cloud (VPC) firewall in a specified policy group.
 *
 * @description You can call the ModifyVpcFirewallControlPolicy operation to modify the configurations of an access control policy that is created for a VPC firewall in a specified policy group. Different access control policies are used for the VPC firewalls that are used to protect each Cloud Enterprise Network (CEN) instance and the VPC firewalls that are used to protect each Express Connect circuit.
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request ModifyVpcFirewallControlPolicyRequest
 * @return ModifyVpcFirewallControlPolicyResponse
 */
async function modifyVpcFirewallControlPolicy(request: ModifyVpcFirewallControlPolicyRequest): ModifyVpcFirewallControlPolicyResponse {
  var runtime = new Util.RuntimeOptions{};
  return modifyVpcFirewallControlPolicyWithOptions(request, runtime);
}

model ModifyVpcFirewallControlPolicyPositionRequest {
  aclUuid?: string(name='AclUuid', description='The UUID of the access control policy.

If you want to modify the configurations of an access control policy, you must provide the UUID of the policy. You can call the [DescribeVpcFirewallControlPolicy](https://help.aliyun.com/document_detail/159758.html) operation to query the UUID.', example='2746d9ff-5d7c-449d-a2a9-ccaa15fe****'),
  lang?: string(name='Lang', description='The language of the content within the request and the response.

Valid values:

*   **zh**: Chinese (default)
*   **en**: English', example='zh'),
  newOrder?: string(name='NewOrder', description='The new priority of the access control policy.

>  For more information about the valid values of the new priority, see [DescribeVpcFirewallPolicyPriorUsed](https://help.aliyun.com/document_detail/474145.html).

This parameter is required.', example='1'),
  oldOrder?: string(name='OldOrder', description='The original priority of the access control policy.

> This parameter is not recommended. We recommend that you use the AclUuid parameter to specify the policy that you want to modify.', example='5'),
  vpcFirewallId?: string(name='VpcFirewallId', description='The ID of the group to which the access control policy belongs. You can call the [DescribeVpcFirewallAclGroupList](https://help.aliyun.com/document_detail/159760.html) operation to query the ID.

Valid values:

*   If the VPC firewall is used to protect a CEN instance, the value of this parameter must be the ID of the CEN instance.

    Example: cen-ervw0g12b5jbw\\\\*\\\\*\\\\*\\\\*

*   If the VPC firewall is used to protect an Express Connect circuit, the value of this parameter must be the instance ID of the VPC firewall.

    Example: vfw-a42bbb7b887148c9\\\\*\\\\*\\\\*\\\\*

This parameter is required.', example='vfw-a42bbb7b887148c9****'),
}

model ModifyVpcFirewallControlPolicyPositionResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='850A84D6-0DE4-4797-A1E8-00090125EEB1'),
}

model ModifyVpcFirewallControlPolicyPositionResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ModifyVpcFirewallControlPolicyPositionResponseBody(name='body'),
}

/**
 * @summary Modifies the priority of an access control policy that is created for a virtual private cloud (VPC) firewall in a specific policy group.
 *
 * @description You can use this operation to modify the priority of an access control policy that is created for a VPC firewall in a specific policy group.
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request ModifyVpcFirewallControlPolicyPositionRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ModifyVpcFirewallControlPolicyPositionResponse
 */
async function modifyVpcFirewallControlPolicyPositionWithOptions(request: ModifyVpcFirewallControlPolicyPositionRequest, runtime: Util.RuntimeOptions): ModifyVpcFirewallControlPolicyPositionResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.aclUuid)) {
    query['AclUuid'] = request.aclUuid;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.newOrder)) {
    query['NewOrder'] = request.newOrder;
  }
  if (!Util.isUnset(request.oldOrder)) {
    query['OldOrder'] = request.oldOrder;
  }
  if (!Util.isUnset(request.vpcFirewallId)) {
    query['VpcFirewallId'] = request.vpcFirewallId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ModifyVpcFirewallControlPolicyPosition',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Modifies the priority of an access control policy that is created for a virtual private cloud (VPC) firewall in a specific policy group.
 *
 * @description You can use this operation to modify the priority of an access control policy that is created for a VPC firewall in a specific policy group.
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request ModifyVpcFirewallControlPolicyPositionRequest
 * @return ModifyVpcFirewallControlPolicyPositionResponse
 */
async function modifyVpcFirewallControlPolicyPosition(request: ModifyVpcFirewallControlPolicyPositionRequest): ModifyVpcFirewallControlPolicyPositionResponse {
  var runtime = new Util.RuntimeOptions{};
  return modifyVpcFirewallControlPolicyPositionWithOptions(request, runtime);
}

model ModifyVpcFirewallDefaultIPSConfigRequest {
  basicRules?: string(name='BasicRules', description='Specifies whether to enable basic protection. Valid values:

*   **1**: yes.
*   **0**: no.

This parameter is required.', example='1'),
  enableAllPatch?: string(name='EnableAllPatch', description='Specifies whether to enable virtual patching. Valid values:

*   **1**: yes.
*   **0**: no.

This parameter is required.', example='1'),
  lang?: string(name='Lang', description='The language of the content within the request and response. Valid values:

*   **zh** (default)
*   **en**', example='zh'),
  memberUid?: string(name='MemberUid', description='The UID of the member that is managed by your Alibaba Cloud account.', example='258039427902****'),
  ruleClass?: string(name='RuleClass', description='The level of the rule group for the IPS. Valid values:

*   **1**: loose
*   **2**: medium
*   **3**: strict', example='1'),
  runMode?: string(name='RunMode', description='The mode of the intrusion prevention system (IPS). Valid values:

*   **1**: block mode.
*   **0**: monitor mode.

This parameter is required.', example='0'),
  sourceIp?: string(name='SourceIp', description='The source IP address of the request.', example='192.0.XX.XX', deprecated=true),
  vpcFirewallId?: string(name='VpcFirewallId', description='The instance ID of the VPC firewall.

*   If the VPC firewall protects traffic between a VPC and a network instance that is attached to a Cloud Enterprise Network (CEN) instance, the value of this parameter is the ID of the CEN instance. The network instance can be a VPC, a virtual border router (VBR), or a Cloud Connect Network (CCN) instance. You can call the [DescribeVpcFirewallCenList](https://help.aliyun.com/document_detail/345777.html) operation to query the IDs of CEN instances.
*   If the VPC firewall protects traffic between two VPCs that are connected by using an Express Connect circuit, the value of this parameter is the instance ID of the VPC firewall. You can call the [DescribeVpcFirewallList](https://help.aliyun.com/document_detail/342932.html) operation to query the instance IDs of VPC firewalls.

This parameter is required.', example='vfw-m5e7dbc4y****'),
}

model ModifyVpcFirewallDefaultIPSConfigResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='3B51B5BF-3C26-5009-ADAB-190E58DE4D6E'),
}

model ModifyVpcFirewallDefaultIPSConfigResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ModifyVpcFirewallDefaultIPSConfigResponseBody(name='body'),
}

/**
 * @summary Modifies the intrusion prevention configurations of a virtual private cloud (VPC) firewall.
 *
 * @description You can call this operation to modify the intrusion prevention configurations of a VPC firewall.
 * ## [](#qps-)Limits
 * You can call this operation up to 10 times per second per account. If the number of calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request ModifyVpcFirewallDefaultIPSConfigRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ModifyVpcFirewallDefaultIPSConfigResponse
 */
async function modifyVpcFirewallDefaultIPSConfigWithOptions(request: ModifyVpcFirewallDefaultIPSConfigRequest, runtime: Util.RuntimeOptions): ModifyVpcFirewallDefaultIPSConfigResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.basicRules)) {
    query['BasicRules'] = request.basicRules;
  }
  if (!Util.isUnset(request.enableAllPatch)) {
    query['EnableAllPatch'] = request.enableAllPatch;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.memberUid)) {
    query['MemberUid'] = request.memberUid;
  }
  if (!Util.isUnset(request.ruleClass)) {
    query['RuleClass'] = request.ruleClass;
  }
  if (!Util.isUnset(request.runMode)) {
    query['RunMode'] = request.runMode;
  }
  if (!Util.isUnset(request.sourceIp)) {
    query['SourceIp'] = request.sourceIp;
  }
  if (!Util.isUnset(request.vpcFirewallId)) {
    query['VpcFirewallId'] = request.vpcFirewallId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ModifyVpcFirewallDefaultIPSConfig',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Modifies the intrusion prevention configurations of a virtual private cloud (VPC) firewall.
 *
 * @description You can call this operation to modify the intrusion prevention configurations of a VPC firewall.
 * ## [](#qps-)Limits
 * You can call this operation up to 10 times per second per account. If the number of calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request ModifyVpcFirewallDefaultIPSConfigRequest
 * @return ModifyVpcFirewallDefaultIPSConfigResponse
 */
async function modifyVpcFirewallDefaultIPSConfig(request: ModifyVpcFirewallDefaultIPSConfigRequest): ModifyVpcFirewallDefaultIPSConfigResponse {
  var runtime = new Util.RuntimeOptions{};
  return modifyVpcFirewallDefaultIPSConfigWithOptions(request, runtime);
}

model ModifyVpcFirewallIPSWhitelistRequest {
  lang?: string(name='Lang', description='The language of the content within the request and response. Valid values:

*   **zh** (default): Chinese
*   **en**: English', example='zh'),
  listType?: long(name='ListType', description='The type of the list. Valid values:

*   **1**: user-defined
*   **2**: address book

This parameter is required.', example='1'),
  listValue?: string(name='ListValue', description='The entry in the list.', example='10.130.0.0/20,10.130.17.11/32'),
  memberUid?: long(name='MemberUid', description='The UID of the member that is managed by your Alibaba Cloud account.', example='1415189284827022'),
  vpcFirewallId?: string(name='VpcFirewallId', description='The instance ID of the VPC firewall.

This parameter is required.', example='vfw-d7b8ce273791475b9b0b'),
  whiteType?: long(name='WhiteType', description='The type of the whitelist. Valid values:

*   **1**: destination
*   **2**: source

This parameter is required.', example='1'),
}

model ModifyVpcFirewallIPSWhitelistResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='F2E8D49A-E5AA-5FF8-8822-25282DCF4BE8'),
}

model ModifyVpcFirewallIPSWhitelistResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ModifyVpcFirewallIPSWhitelistResponseBody(name='body'),
}

/**
 * @summary Modifies the IPS whitelist of a virtual private cloud (VPC) firewall.
 *
 * @param request ModifyVpcFirewallIPSWhitelistRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ModifyVpcFirewallIPSWhitelistResponse
 */
async function modifyVpcFirewallIPSWhitelistWithOptions(request: ModifyVpcFirewallIPSWhitelistRequest, runtime: Util.RuntimeOptions): ModifyVpcFirewallIPSWhitelistResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.listType)) {
    query['ListType'] = request.listType;
  }
  if (!Util.isUnset(request.listValue)) {
    query['ListValue'] = request.listValue;
  }
  if (!Util.isUnset(request.memberUid)) {
    query['MemberUid'] = request.memberUid;
  }
  if (!Util.isUnset(request.vpcFirewallId)) {
    query['VpcFirewallId'] = request.vpcFirewallId;
  }
  if (!Util.isUnset(request.whiteType)) {
    query['WhiteType'] = request.whiteType;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ModifyVpcFirewallIPSWhitelist',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Modifies the IPS whitelist of a virtual private cloud (VPC) firewall.
 *
 * @param request ModifyVpcFirewallIPSWhitelistRequest
 * @return ModifyVpcFirewallIPSWhitelistResponse
 */
async function modifyVpcFirewallIPSWhitelist(request: ModifyVpcFirewallIPSWhitelistRequest): ModifyVpcFirewallIPSWhitelistResponse {
  var runtime = new Util.RuntimeOptions{};
  return modifyVpcFirewallIPSWhitelistWithOptions(request, runtime);
}

model ModifyVpcFirewallSwitchStatusRequest {
  firewallSwitch?: string(name='FirewallSwitch', description='Specifies whether to enable the VPC firewall. Valid values:

*   **open**: yes
*   **close**: no

This parameter is required.', example='open'),
  lang?: string(name='Lang', description='The language of the content within the request and response. Valid values:

*   **zh**: Chinese (default)
*   **en**: English', example='zh'),
  memberUid?: string(name='MemberUid', description='The UID of the member that is managed by your Alibaba Cloud account.', example='258039427902****'),
  vpcFirewallId?: string(name='VpcFirewallId', description='The instance ID of the VPC firewall.

> You can call the [DescribeVpcFirewallList](https://help.aliyun.com/document_detail/342932.html) operation to query the instance IDs of VPC firewalls.

This parameter is required.', example='vfw-m5e7dbc4y****'),
}

model ModifyVpcFirewallSwitchStatusResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='850A84D6-0DE4-4797-A1E8-00090125afj2'),
}

model ModifyVpcFirewallSwitchStatusResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ModifyVpcFirewallSwitchStatusResponseBody(name='body'),
}

/**
 * @summary Enables or disables a virtual private cloud (VPC) firewall. The VPC firewall protects traffic between two VPCs that are connected by using an Express Connect circuit.
 *
 * @description You can call the ModifyVpcFirewallSwitchStatus operation to enable or disable a VPC firewall. The VPC firewall protects traffic between two VPCs that are connected by using an Express Connect circuit. After you enable the VPC firewall, the VPC firewall protects access traffic between two VPCs that are connected by using an Express Connect circuit. After you disable the VPC firewall, the VPC firewall no longer protects access traffic between two VPCs that are connected by using an Express Connect circuit.
 * Before you call the operation, make sure that you created a VPC firewall by calling the [CreateVpcFirewallConfigure](https://help.aliyun.com/document_detail/342893.html) operation.
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request ModifyVpcFirewallSwitchStatusRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ModifyVpcFirewallSwitchStatusResponse
 */
async function modifyVpcFirewallSwitchStatusWithOptions(request: ModifyVpcFirewallSwitchStatusRequest, runtime: Util.RuntimeOptions): ModifyVpcFirewallSwitchStatusResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.firewallSwitch)) {
    query['FirewallSwitch'] = request.firewallSwitch;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.memberUid)) {
    query['MemberUid'] = request.memberUid;
  }
  if (!Util.isUnset(request.vpcFirewallId)) {
    query['VpcFirewallId'] = request.vpcFirewallId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ModifyVpcFirewallSwitchStatus',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Enables or disables a virtual private cloud (VPC) firewall. The VPC firewall protects traffic between two VPCs that are connected by using an Express Connect circuit.
 *
 * @description You can call the ModifyVpcFirewallSwitchStatus operation to enable or disable a VPC firewall. The VPC firewall protects traffic between two VPCs that are connected by using an Express Connect circuit. After you enable the VPC firewall, the VPC firewall protects access traffic between two VPCs that are connected by using an Express Connect circuit. After you disable the VPC firewall, the VPC firewall no longer protects access traffic between two VPCs that are connected by using an Express Connect circuit.
 * Before you call the operation, make sure that you created a VPC firewall by calling the [CreateVpcFirewallConfigure](https://help.aliyun.com/document_detail/342893.html) operation.
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request ModifyVpcFirewallSwitchStatusRequest
 * @return ModifyVpcFirewallSwitchStatusResponse
 */
async function modifyVpcFirewallSwitchStatus(request: ModifyVpcFirewallSwitchStatusRequest): ModifyVpcFirewallSwitchStatusResponse {
  var runtime = new Util.RuntimeOptions{};
  return modifyVpcFirewallSwitchStatusWithOptions(request, runtime);
}

model PutDisableAllFwSwitchRequest {
  instanceId?: string(name='InstanceId', description='The instance ID of your Cloud Firewall.', example='i-2ze8v2x5kd9qyvp2****'),
  lang?: string(name='Lang', description='The language of the content within the request and response. Valid values: Valid values:

*   **zh** (default): Chinese
*   **en**: English', example='zh'),
  sourceIp?: string(name='SourceIp', description='The source IP address of the request.', example='192.0.XX.XX', deprecated=true),
}

model PutDisableAllFwSwitchResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='B2841452-CB8D-4F7D-B247-38E1CF7334F8'),
}

model PutDisableAllFwSwitchResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: PutDisableAllFwSwitchResponseBody(name='body'),
}

/**
 * @summary Turns off all firewall switches.
 *
 * @description You can call the PutDisableAllFwSwitch operation to turn off all firewall switches.
 * ## [](#qps-)QPS limits
 * You can call this operation up to 10 times per second per account. If the number of calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request PutDisableAllFwSwitchRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return PutDisableAllFwSwitchResponse
 */
async function putDisableAllFwSwitchWithOptions(request: PutDisableAllFwSwitchRequest, runtime: Util.RuntimeOptions): PutDisableAllFwSwitchResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.sourceIp)) {
    query['SourceIp'] = request.sourceIp;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'PutDisableAllFwSwitch',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Turns off all firewall switches.
 *
 * @description You can call the PutDisableAllFwSwitch operation to turn off all firewall switches.
 * ## [](#qps-)QPS limits
 * You can call this operation up to 10 times per second per account. If the number of calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request PutDisableAllFwSwitchRequest
 * @return PutDisableAllFwSwitchResponse
 */
async function putDisableAllFwSwitch(request: PutDisableAllFwSwitchRequest): PutDisableAllFwSwitchResponse {
  var runtime = new Util.RuntimeOptions{};
  return putDisableAllFwSwitchWithOptions(request, runtime);
}

model PutDisableFwSwitchRequest {
  ipaddrList?: [ string ](name='IpaddrList', description='The IP addresses.

>  You must specify at least one of the IpaddrList, RegionList, and ResourceTypeList parameters.', example='["192.0.XX.XX","192.0.XX.XX"]'),
  lang?: string(name='Lang', description='The language of the content within the response. Valid values:

*   **zh**: Chinese (default)
*   **en**: English', example='zh'),
  regionList?: [ string ](name='RegionList', description='The regions.

>  You must specify at least one of the IpaddrList, RegionList, and ResourceTypeList parameters.', example='["cn-hangzhou","cn-shanghai"]'),
  resourceTypeList?: [ string ](name='ResourceTypeList', description='The types of the assets.

> You must specify at least one of the IpaddrList, RegionList, and ResourceTypeList parameters.', example='["EcsPublicIp","NatEip"]'),
  sourceIp?: string(name='SourceIp', description='The source IP address of the request.', example='192.0.XX.XX', deprecated=true),
}

model PutDisableFwSwitchResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='B2841452-CB8D-4F7D-B247-38E1CF7334F8'),
}

model PutDisableFwSwitchResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: PutDisableFwSwitchResponseBody(name='body'),
}

/**
 * @summary Disable a firewall for specific assets.
 *
 * @description You can call the PutDisableFwSwitch operation to disable a firewall for specific assets. After you disable the firewall, traffic does not pass through Cloud Firewall.  
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request PutDisableFwSwitchRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return PutDisableFwSwitchResponse
 */
async function putDisableFwSwitchWithOptions(request: PutDisableFwSwitchRequest, runtime: Util.RuntimeOptions): PutDisableFwSwitchResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.ipaddrList)) {
    query['IpaddrList'] = request.ipaddrList;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.regionList)) {
    query['RegionList'] = request.regionList;
  }
  if (!Util.isUnset(request.resourceTypeList)) {
    query['ResourceTypeList'] = request.resourceTypeList;
  }
  if (!Util.isUnset(request.sourceIp)) {
    query['SourceIp'] = request.sourceIp;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'PutDisableFwSwitch',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Disable a firewall for specific assets.
 *
 * @description You can call the PutDisableFwSwitch operation to disable a firewall for specific assets. After you disable the firewall, traffic does not pass through Cloud Firewall.  
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request PutDisableFwSwitchRequest
 * @return PutDisableFwSwitchResponse
 */
async function putDisableFwSwitch(request: PutDisableFwSwitchRequest): PutDisableFwSwitchResponse {
  var runtime = new Util.RuntimeOptions{};
  return putDisableFwSwitchWithOptions(request, runtime);
}

model PutEnableAllFwSwitchRequest {
  instanceId?: string(name='InstanceId', description='The instance ID of your Cloud Firewall.', example='i-2ze8v2x5kd9qyvp2****'),
  lang?: string(name='Lang', description='The language of the content within the request and response. Valid values:

*   **zh**: Chinese (default)
*   **en**: English', example='zh'),
  sourceIp?: string(name='SourceIp', description='The source IP address of the request.', example='192.0.XX.XX', deprecated=true),
}

model PutEnableAllFwSwitchResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='B2841452-CB8D-4F7D-B247-38E1CF7334F8'),
}

model PutEnableAllFwSwitchResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: PutEnableAllFwSwitchResponseBody(name='body'),
}

/**
 * @summary Enables a firewall for all public IP addresses within your Alibaba Cloud account.
 *
 * @description You can call the PutEnableAllFwSwitch operation to enable a firewall for all public IP addresses within your Alibaba Cloud account.  
 * ## Limits
 * You can call this operation up to 10 times per second per account. You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request PutEnableAllFwSwitchRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return PutEnableAllFwSwitchResponse
 */
async function putEnableAllFwSwitchWithOptions(request: PutEnableAllFwSwitchRequest, runtime: Util.RuntimeOptions): PutEnableAllFwSwitchResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.sourceIp)) {
    query['SourceIp'] = request.sourceIp;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'PutEnableAllFwSwitch',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Enables a firewall for all public IP addresses within your Alibaba Cloud account.
 *
 * @description You can call the PutEnableAllFwSwitch operation to enable a firewall for all public IP addresses within your Alibaba Cloud account.  
 * ## Limits
 * You can call this operation up to 10 times per second per account. You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request PutEnableAllFwSwitchRequest
 * @return PutEnableAllFwSwitchResponse
 */
async function putEnableAllFwSwitch(request: PutEnableAllFwSwitchRequest): PutEnableAllFwSwitchResponse {
  var runtime = new Util.RuntimeOptions{};
  return putEnableAllFwSwitchWithOptions(request, runtime);
}

model PutEnableFwSwitchRequest {
  ipaddrList?: [ string ](name='IpaddrList', description='The IP addresses.

> You must specify at least one of the IpaddrList, RegionList, and ResourceTypeList parameters.', example='["192.0.X.X","192.0.X.X"]'),
  lang?: string(name='Lang', description='The language of the content within the response.

*   **zh**: Chinese
*   **en**: English', example='zh'),
  regionList?: [ string ](name='RegionList', description='The regions.

> You must specify at least one of the IpaddrList, RegionList, and ResourceTypeList parameters.', example='["cn-hangzhou","cn-shanghai"]'),
  resourceTypeList?: [ string ](name='ResourceTypeList', description='The types of the assets.

Valid values:

*   BastionHostIP: the egress IP address of a bastion host
*   BastionHostIngressIP: the ingress IP address of a bastion host
*   EcsEIP: the elastic IP address (EIP) of an Elastic Compute Service (ECS) instance
*   EcsPublicIP: the public IP address of an ECS instance
*   EIP: the EIP
*   EniEIP: the EIP of an elastic network interface (ENI)
*   NatEIP: the EIP of a NAT gateway
*   SlbEIP: the EIP of a Server Load Balancer (SLB) instance
*   SlbPublicIP: the public IP address of an SLB instance
*   NatPublicIP: the public IP address of a NAT gateway
*   HAVIP: the high-availability virtual IP address (HAVIP)

> You must specify at least one of the IpaddrList, RegionList, and ResourceTypeList parameters.', example='["EcsPublicIp","NatEip"]'),
  sourceIp?: string(name='SourceIp', description='The source IP address of the request.', example='192.0.X.X', deprecated=true),
}

model PutEnableFwSwitchResponseBody = {
  abnormalResourceStatusList?: [ 
    {
      msg?: string(name='Msg', description='The message displayed when the asset is not synchronized to Cloud Firewall. Valid values:

*   cloudfirewall do not sync this ip address: This IP address is not synchronized to Cloud Firewall.', example='cloudfirewall do not sync this ip address'),
      resource?: string(name='Resource', description='The IP address of the asset.', example='203.0.113.0'),
      status?: string(name='Status', description='The status of the asset when it is not synchronized to Cloud Firewall. Valid values:

*   ip_not_sync: The asset is not synchronized.', example='ip_not_sync'),
    }
  ](name='AbnormalResourceStatusList', description='The status information of the asset when it is not synchronized to Cloud Firewall.'),
  requestId?: string(name='RequestId', description='The ID of the request.', example='B2841452-CB8D-4F7D-B247-38E1CF7334F8'),
}

model PutEnableFwSwitchResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: PutEnableFwSwitchResponseBody(name='body'),
}

/**
 * @summary Enables firewalls for specific assets.
 *
 * @description You can call this operation to enable a firewall. After you enable a firewall, traffic passes through Cloud Firewall.
 * ## [](#qps-)Limits
 * You can call this operation up to five times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request PutEnableFwSwitchRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return PutEnableFwSwitchResponse
 */
async function putEnableFwSwitchWithOptions(request: PutEnableFwSwitchRequest, runtime: Util.RuntimeOptions): PutEnableFwSwitchResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.ipaddrList)) {
    query['IpaddrList'] = request.ipaddrList;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.regionList)) {
    query['RegionList'] = request.regionList;
  }
  if (!Util.isUnset(request.resourceTypeList)) {
    query['ResourceTypeList'] = request.resourceTypeList;
  }
  if (!Util.isUnset(request.sourceIp)) {
    query['SourceIp'] = request.sourceIp;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'PutEnableFwSwitch',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Enables firewalls for specific assets.
 *
 * @description You can call this operation to enable a firewall. After you enable a firewall, traffic passes through Cloud Firewall.
 * ## [](#qps-)Limits
 * You can call this operation up to five times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request PutEnableFwSwitchRequest
 * @return PutEnableFwSwitchResponse
 */
async function putEnableFwSwitch(request: PutEnableFwSwitchRequest): PutEnableFwSwitchResponse {
  var runtime = new Util.RuntimeOptions{};
  return putEnableFwSwitchWithOptions(request, runtime);
}

model ReleasePostInstanceRequest {
  instanceId?: string(name='InstanceId', description='The ID of the Cloud Firewall instance.', example='cfw_elasticity_public_cn-xxx'),
}

model ReleasePostInstanceResponseBody = {
  httpStatusCode?: int32(name='HttpStatusCode', description='The HTTP status code.', example='200'),
  releaseStatus?: boolean(name='ReleaseStatus', description='Indicates whether the release was successful. Valid values:

*   **true**
*   **false**', example='true'),
  requestId?: string(name='RequestId', description='The request ID, which is used to locate and troubleshoot issues.', example='EE316A19-xxxx-5043-9DF1-C04458ABC570'),
  success?: boolean(name='Success', description='Indicates whether the request was successful.', example='true'),
}

model ReleasePostInstanceResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ReleasePostInstanceResponseBody(name='body'),
}

/**
 * @summary Releases Cloud Firewall that uses the pay-as-you-go billing method.
 *
 * @param request ReleasePostInstanceRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ReleasePostInstanceResponse
 */
async function releasePostInstanceWithOptions(request: ReleasePostInstanceRequest, runtime: Util.RuntimeOptions): ReleasePostInstanceResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.instanceId)) {
    query['InstanceId'] = request.instanceId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ReleasePostInstance',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Releases Cloud Firewall that uses the pay-as-you-go billing method.
 *
 * @param request ReleasePostInstanceRequest
 * @return ReleasePostInstanceResponse
 */
async function releasePostInstance(request: ReleasePostInstanceRequest): ReleasePostInstanceResponse {
  var runtime = new Util.RuntimeOptions{};
  return releasePostInstanceWithOptions(request, runtime);
}

model ResetNatFirewallRuleHitCountRequest {
  aclUuid?: string(name='AclUuid', description='The UUID of the access control policy.

This parameter is required.', example='3de3aed5-6de7-4ecd-9106-cfe994b9c49f'),
  lang?: string(name='Lang', description='The language of the content within the request and response. Valid values:

*   **zh** (default): Chinese
*   **en**: English', example='zh'),
  natGatewayId?: string(name='NatGatewayId', description='The ID of the NAT gateway.', example='ngw-zm0h3c1exm5bifuorg8c5'),
}

model ResetNatFirewallRuleHitCountResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='5CAA0FFD-4B94-5BB9-8B0A-ECFC86A0E666'),
}

model ResetNatFirewallRuleHitCountResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ResetNatFirewallRuleHitCountResponseBody(name='body'),
}

/**
 * @summary Resets the number of NAT firewall hits.
 *
 * @param request ResetNatFirewallRuleHitCountRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ResetNatFirewallRuleHitCountResponse
 */
async function resetNatFirewallRuleHitCountWithOptions(request: ResetNatFirewallRuleHitCountRequest, runtime: Util.RuntimeOptions): ResetNatFirewallRuleHitCountResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.aclUuid)) {
    query['AclUuid'] = request.aclUuid;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.natGatewayId)) {
    query['NatGatewayId'] = request.natGatewayId;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ResetNatFirewallRuleHitCount',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Resets the number of NAT firewall hits.
 *
 * @param request ResetNatFirewallRuleHitCountRequest
 * @return ResetNatFirewallRuleHitCountResponse
 */
async function resetNatFirewallRuleHitCount(request: ResetNatFirewallRuleHitCountRequest): ResetNatFirewallRuleHitCountResponse {
  var runtime = new Util.RuntimeOptions{};
  return resetNatFirewallRuleHitCountWithOptions(request, runtime);
}

model ResetVpcFirewallRuleHitCountRequest {
  aclUuid?: string(name='AclUuid', description='The ID of the access control policy.

This parameter is required.', example='00281255-d220-4db1-8f4f-c4df221a****'),
  lang?: string(name='Lang', description='The natural language of the request and response. 

Valid values:

- **zh**: Chinese (default)
- **en**: English', example='zh'),
}

model ResetVpcFirewallRuleHitCountResponseBody = {
  requestId?: string(name='RequestId', description='The ID of the request.', example='A918B4F6-482F-5A91-8F65-AFFFF1FC04EA'),
}

model ResetVpcFirewallRuleHitCountResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: ResetVpcFirewallRuleHitCountResponseBody(name='body'),
}

/**
 * @summary Clears the count on hits of an access control policy that is created for a virtual private cloud (VPC) firewall in a specific policy group.
 *
 * @description You can call the ResetVpcFirewallRuleHitCount operation to clear the count on hits of an access control policy that is created for a VPC firewall in a specific policy group.  
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request ResetVpcFirewallRuleHitCountRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return ResetVpcFirewallRuleHitCountResponse
 */
async function resetVpcFirewallRuleHitCountWithOptions(request: ResetVpcFirewallRuleHitCountRequest, runtime: Util.RuntimeOptions): ResetVpcFirewallRuleHitCountResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.aclUuid)) {
    query['AclUuid'] = request.aclUuid;
  }
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'ResetVpcFirewallRuleHitCount',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Clears the count on hits of an access control policy that is created for a virtual private cloud (VPC) firewall in a specific policy group.
 *
 * @description You can call the ResetVpcFirewallRuleHitCount operation to clear the count on hits of an access control policy that is created for a VPC firewall in a specific policy group.  
 * ## Limits
 * You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.
 *
 * @param request ResetVpcFirewallRuleHitCountRequest
 * @return ResetVpcFirewallRuleHitCountResponse
 */
async function resetVpcFirewallRuleHitCount(request: ResetVpcFirewallRuleHitCountRequest): ResetVpcFirewallRuleHitCountResponse {
  var runtime = new Util.RuntimeOptions{};
  return resetVpcFirewallRuleHitCountWithOptions(request, runtime);
}

model SwitchSecurityProxyRequest {
  lang?: string(name='Lang', description='The language of the content within the request and the response. Valid values:

*   **zh** (default)
*   **en**', example='zh'),
  proxyId?: string(name='ProxyId', description='The ID of the NAT firewall.

This parameter is required.', example='proxy-natbfd2fafbb77042308d1b'),
  switch?: string(name='Switch', description='Specifies whether to enable the NAT firewall. Valid values:

*   open: yes
*   close: no

This parameter is required.', example='open'),
}

model SwitchSecurityProxyResponseBody = {
  requestId?: string(name='RequestId', description='The request ID.', example='F1E55690-3ABA-58FA-90E3-593EF05B73ED'),
}

model SwitchSecurityProxyResponse = {
  headers?: map[string]string(name='headers'),
  statusCode?: int32(name='statusCode'),
  body?: SwitchSecurityProxyResponseBody(name='body'),
}

/**
 * @summary Enables or disables a NAT firewall.
 *
 * @param request SwitchSecurityProxyRequest
 * @param runtime runtime options for this request RuntimeOptions
 * @return SwitchSecurityProxyResponse
 */
async function switchSecurityProxyWithOptions(request: SwitchSecurityProxyRequest, runtime: Util.RuntimeOptions): SwitchSecurityProxyResponse {
  Util.validateModel(request);
  var query = {};
  if (!Util.isUnset(request.lang)) {
    query['Lang'] = request.lang;
  }
  if (!Util.isUnset(request.proxyId)) {
    query['ProxyId'] = request.proxyId;
  }
  if (!Util.isUnset(request.switch)) {
    query['Switch'] = request.switch;
  }
  var req = new OpenApi.OpenApiRequest{ 
    query = OpenApiUtil.query(query),
  };
  var params = new OpenApi.Params{
    action = 'SwitchSecurityProxy',
    version = '2017-12-07',
    protocol = 'HTTPS',
    pathname = '/',
    method = 'POST',
    authType = 'AK',
    style = 'RPC',
    reqBodyType = 'formData',
    bodyType = 'json',
  };
  return callApi(params, req, runtime);
}

/**
 * @summary Enables or disables a NAT firewall.
 *
 * @param request SwitchSecurityProxyRequest
 * @return SwitchSecurityProxyResponse
 */
async function switchSecurityProxy(request: SwitchSecurityProxyRequest): SwitchSecurityProxyResponse {
  var runtime = new Util.RuntimeOptions{};
  return switchSecurityProxyWithOptions(request, runtime);
}

